In context: Apple has been sounding the alarm for months about what it calls state-backed contract spyware. Now, the company confirms that the upcoming major operating system updates will include a drastic new security feature to combat the problem. It says that most users will probably never need it.
When iOS 16, iPad OS 16 and macOS Venture launch later this year, they will introduce a new feature called Lock Mode, which will severely restrict communication to thwart spyware. Apple has accused groups like NSO and RCS Labs of developing spyware that has been used in recent targeted political cyber-attacks.
The feature also blocks FaceTime calls and other communication requests from numbers that a user has never called before. Wired connections don’t work when a device is locked, users can’t install configuration profiles, and they can’t enroll a device for mobile device management. Apple will eventually add other protections to Lockdown Mode.
The Cupertino-based company offers higher bounties for finding exploits in Lockdown mode, capped at $2 million to entice security researchers to quickly notify it of any flaws in the system. In addition, Apple is launching a $10 million grant to support groups fighting targeted cyberattacks. Any damages Apple receives from its lawsuit against the NSO group will contribute to the fund.
In November, Apple filed suit against NSO and its parent company, accusing the company of developing spyware that exploited iOS to attack iPhones on behalf of government agencies. A month later, NSO’s Pegasus spyware landed on the iPhones of US diplomats in Uganda. In June, reports described a similar group, RCS Labs, also developing spyware that governments use to attack specific Android and iOS devices. Apple says it has designed Lockdown Mode for the small portion of its user base that may be subject to this type of surveillance.