Blog
Apple recently previewed its new Lockdown Mode, a security feature developed in response to the growing threat of mercenary spyware. The mode acts as a defense against spyware by shutting down many features and functions on the phone. While Lockdown Mode has gotten many good reviews, it’s not without criticism altogether.
What is Mercenary Spyware?
Mercenary spyware is sophisticated malware that is designed to target influential people like world leaders, diplomats, politicians, human rights activists, and more. While these targets amount to a very small percentage of the population, the information they possess is important and confidential.
NSO Groups’ Pegasus spyware is perhaps the most infamous example of mercenary spyware, and Apple has a vested interest in stopping it. The tech giant sued NGO Group last year in an effort to stop it from selling malware that targets Apple users.
Pegasus spyware has allegedly been involved in targeting human rights activists, espionage against Pakistan, unwarranted surveillance of Israelis, and the murder of Jamal Khashoggi, a Saudi journalist and dissident.
How Apple’s Lockdown Mode Combats Mercenary Software
Apple’s Lockdown Mode will not be available for everyone, but those who need it will know who they are. Lockdown Mode will be available for iOS 16, iPadOS 16, and macOS Ventura in the fall. The mode limits certain functionalities, protocols, and services so that the surface area of potential attacks is reduced significantly.
Functions that will shut off in Lockdown Mode include just-in-time JavaScript, which usually runs in the background, and mobile device management, which installs organization-specific software. Message attachments, excluding images, will be blocked, as will Apple services like invitations, service requests, and FaceTime calls.
Apple has been transparent about the issues Lockdown can pose to the user experience, which is refreshing but not altogether unsurprising, at least not for those in the cybersecurity industry. It is known in the “inner circles” that most security measures often come at the expense of the seamless user experience, and cybersecurity professionals often find themselves at odds with other employees who value ease of use over security.
Is Apple’s Breakthrough Really a Breakthrough?
Apple’s Lockdown Mode is revolutionary in that it provides extreme security for a small, elite group of people who need it. Its creation also acknowledges the fact that Apple devices are, indeed, vulnerable. Its release may even goad Google and others to develop similar security features of their own.
However, there are two things to remember. First, Apple’s Lockdown Mode is not without vulnerabilities itself. The company is offering a $2 million reward to any hacker who can find a vulnerability in the software and bypass it. While this is standard practice in the security field, the reward has never been so large.
Second, some industry experts have criticized Lockdown for its approach as a form of defense instead of offense. James Forshaw, a Project Zero researcher at Google, tweeted, “The Apple “Lockdown mode” does sound interesting. But what would really be a game changer would be system transparency so you could actually inspect your iOS device with[out] jailbreaking it. After all, how can you verify lockdown mode hasn’t been tampered with?”
Despite the criticism, there is no doubt that Apple’s Lockdown Mode is a big step in the right direction. The sooner more companies admit that their devices have vulnerabilities, the faster they will be able to develop solutions.