In the latest iOS release (which can now be downloaded in beta versions), Apple is taking huge steps towards protecting those who are most likely to be targeted by high level spyware. Although this is Apple's main target, it is available for anyone to use.
Mostly, Lockdown Mode will be used by the likes of journalists, politicians and other government officials that want to add another layer of protection to their iPhone, iPad or MacOS device. This new setting hardens device's defence in ways that interrupt methods we’ve seen used to compromise devices for highly targeted attacks.
Lockdown Mode blocks many message attachment types, disables link previews, turns off some web browsing technology by default, stops invitations and FaceTime calls from unknown contacts and shuts down wired connections to computers or accessories while the device is locked. Along with this, it disables the ability to add new configuration profiles or sign up to mobile device management (MDM).
These are all areas that we know can be vulnerable, as Google’s Project Zero team detailed how iPhones of people targeted by the cyber attacking software could be compromised in a “zero-click” scenario by using a GIF to exploit iMessage in the background. Other attacks have repeatedly targeted mobile device management solutions or used websites to exploit flaws in rendering. With Lockdown Mode, these opportunities that could have previously been exploited are now shut down.
Apple is calling Lockdown Mode an “extreme, optional” level of protection that’s a clear response to the growing risk of cyber attacks across the world.
Apple’s head of security engineering and architecture, Ivan Krstić also stated, “While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are. That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”
Apple also released its new Rapid Security Response feature wit the latest MacOS which will updates for security patches to roll out faster and can take effect on a Mac without requiring a reboot. iOS 16 and macOS Ventura are also set to include support for new passkey technology that will help eliminate the use of passwords.