Apple's Lockdown Mode is for users who are high-risk cybersecurity targets; here's all you need to know

Apple has announced a new security capability that will offer specialised additional protection to users who are at a high risk of being targeted by cyberattacks from private companies that develop “state-sponsored mercenary spyware”. Alongside, the company also announced more details regarding its $10 million grant that’s going to help research on how these threats can be exposed. This grant will support civil society organisations that work on mercenary spyware threat, research, and advocacy.

Apple’s new security capability - called the Lockdown Mode - will come this fall with iOS 16, iPadOS 16, and macOS Ventura. Lockdown Mode is an extreme (and optional) protection designed for a small number of users who “face grave, targeted threats to their digital security”.

These users could be undert threat because of who they are or what they do and are those who are susceptible to become targets of sophisticated digital threats, “such as those from NSO Group and other private companies developing state-sponsored mercenary spyware”.

Once Lockdown Mode on iOS 16, iPadOS 16, or macOS Ventura is turned on, it hardens device defences and strictly limits certain functionalities thereby reducing the attack surface that can be potentially exploited by trageted spyware.

When lauched, the Lockdown Mode blocks most types of message attachments except for images. Some other features, like link previews, are also disabled. It disabales complex web tech like just-in-time (JIT) JavaScrit compilation from all sites except for the sites marked out as “trusted” under the Lockdown Mode.

Lockdown Mode also blocks incoming invitations and service requests, including FaceTime calls unless the user has previously sent the initiator a call or a request. This mode blocks all wired connections with computer or accessory with the iPhone is locked and configuration profiles cannot be installed and the device cannot enrol into mobile device management (MDM) when the Lockdown Mode is on. MDM is a software that allows IT administrators to control, secure and enforce policies on smartphones, tablets and other endpoints.

Apple said that it is going to continue to stregthen the Lockdown Mode and add new protections moving forward. The company is also inviting feedback and collaboration from the security research community to help develop the Lockdown Mode further. And in order to facilitate this, Apple has established a new category under the Apple Security Bounty program that will reward researchers who can find Lockdown Mode bypasses and help improve protections.

“Bounties are doubled for qualifying findings in Lockdown Mode, up to a maximum of $2,000,000 — the highest maximum bounty payout in the industry,” Apple said.

The company has also made a $10 million grant, above and beyond the damages that are awarded from the lawsuit filed against the NSO group. This fund will support organisations that investigate, expose, and help prevent highly-targeted cyberattacks.

“The grant will be made to the Dignity and Justice Fund established and advised by the Ford Foundation — a private foundation dedicated to advancing equity worldwide — and designed to pool philanthropic resources to advance social justice globally,” Apple added in the announcement.

This Dignity and Justice Fund expects to make its first grants in late 2022 or early 2023, and will initially be funding approaches to help expose mercenary spyware and protect potential targets.

“The Dignity and Justice Fund’s grant-making strategy to research, track, and hold the enhanced cyber weapons trade accountable will be advised by an independent, global Technical Advisory Committee,” Apple said.  

The initial members of the Technical Advisory Committee include Daniel Bedoya Arroyo, digital security service platform analyst at Access Now; Ron Deibert, professor of political science, and director of the Citizen Lab at the Munk School of Global Affairs & Public Policy, University of Toronto; Paola Mosso, co-deputy director of The Engine Room; Rasha Abdul Rahim, director of Amnesty Tech at Amnesty International; and Ivan Krstić, head of Apple Security Engineering and Architecture.

Also Read: How to know if you are being tracked by an AirTag

Also Read: Apple’s very useful feature on iOS 16 rolling out for India that we’ve not talked about yet