Apple has announced a significant enhancement to its iOS security with the introduction of Lockdown Mode, aimed at safeguarding activists, journalists, and other high-risk individuals from state-sponsored spyware threats, including those from the infamous Pegasus and Predator programs. This new feature will be available on iPhones, iPads, and Mac computers.
Lockdown Mode is designed to counter the sophisticated surveillance tools sold to governments by the thriving spyware industry. Apple is raising its maximum bounty for researchers uncovering vulnerabilities related to this mode to $2 million, reflecting the company’s commitment to improving security.
Ivan Krstic, Apple’s head of security engineering, stated in a blog post, “While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are.” The company is actively addressing concerns raised by reports that Pegasus spyware, developed by the Israeli NSO Group, has been utilized by various governments to surveil journalists and political opponents.
In response to the threat posed by state-sponsored actors, Apple has initiated legal action against the NSO Group, asserting that its spyware has targeted a limited number of iPhone users globally. Craig Federighi, Apple’s senior vice president of software engineering, emphasized the need for accountability within the commercial spyware industry, stating, “State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change.”
Pegasus is notorious for infiltrating mobile phones to extract sensitive data or activate microphones and cameras for spying. Although NSO Group claims its software is intended solely for government use against criminals and terrorists, ongoing legal scrutiny continues to raise questions about its actual deployment.
In a recent incident, a Spanish court indicated a desire to question NSO Group’s executives regarding a hacking scandal that affected the Spanish Prime Minister’s phone. Meanwhile, Google has reported that spyware from RCS Lab, an Italy-based firm, has targeted both Apple and Android devices in Italy and Kazakhstan, highlighting the growing risk posed by the commercial spyware sector.
Google’s threat analysis team is monitoring over 30 companies involved in selling surveillance capabilities to governments, describing the commercial spyware industry as “thriving and growing at a significant rate.” In response, Google has warned affected Android users and strengthened its software defenses.
Apple’s Lockdown Mode aims to limit certain device features and functionalities to mitigate potential exploits by mercenary spyware. This extreme, optional mode enhances device defenses and significantly reduces the attack surface, making it a critical tool for those at risk of targeted attacks.
