Apple Will Block Spyware Attacks

Uploaded on 2022-07-18 in TECHNOLOGY--Developments, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Apple has announced that it will introduce a new security feature to protect high-risk users from spyware attacks. “Apple is previewing a groundbreaking security capability that offers specialised additional protection to users who may be at risk of highly targeted cyber attacks from private companies developing state-sponsored mercenary spyware,” says an Apple news up-date. 

Lockdown Mode will be available in the autumn with the next operating system across all of the company's iPhones, iPads and Macs which will enable users to significantly reduce some features to protect devices from infection.

Apple says the new feature is an “extreme optional protection” for device owners who are more likely to be targeted by nation states using powerful spyware, like journalists, human rights defenders and political activists.
The setting blocks certain functions and prevents unknown users from calling. It comes after Apple devices owned by activists, politicians and journalists were infected with spyware.

Apple is suing NSO Group an Israeli spyware company accusing it of targeting victims in 150 different countries with its powerful Pegasus spyware.

The firm's software could infect both iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras. NSO Group says its tools are made to target terrorists and criminals and insists it only supplies Pegasus to military, law enforcement and intelligence agencies from countries with good human rights records.

When the extent of the alleged surveillance was revealed last July, Apple faced criticism from privacy and security experts for not protecting users. It quickly released an emergency software update to all devices to patch up the vulnerability that Pegasus had secretly been using for years.

Apple is releasing Lockdown Mode as a wider security feature it claims can protect devices from all known spyware currently on the market. Lockdown Mode will include the following protections: 

Messages:  Most message attachment types other than images are blocked. Some features, like link previews, are disabled

Web browsing: Certain complex web technologies, like just-in-time JavaScript compilation, are disabled unless the user excludes a trusted site

Calls: Incoming invitations including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request

Wired connections:  With a computer or accessory are blocked when iPhone is locked

At launch, Lockdown Mode will be available to all users in the device settings, but Apple suggests it should only be activated if someone is a risk of what it calls "mercenary spyware attacks", for example a journalist or opposition leader in a repressive regime. 

Apple announced it will double the bounty threshold it pays out to ethical hackers who discover security flaws in Lockdown Mode to $2m (£1.7m).The US firm will also donate $10m to a fund helping organisations expose the misuse of spyware.

Apple:    Reuters:      Bloomberg:     BBC:     Express & Star:    Washington PostCNet:   Independent:  

You Might Also Read: 

Pegasus Spyware & Not-For-Profit Cyber Security - What Are The Risks?:

 

« Conversational Commerce Is Going To Be Big - But Could Be Risky
Cyber Security In Fintech »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Telia Cygate

Telia Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

Networkers

Networkers

Networkers is a global recruitment consultancy helping unite job-seekers and hiring companies across the technology industry.

Horangi

Horangi

Horangi provides security products and services that enable the rapid delivery of Incident Response and threat detection for our customers who lack the scale, expertise, or time to do it themselves.

BrainChip

BrainChip

BrainChip is the leading provider of neuromorphic computing solutions, a type of artificial intelligence that is inspired by the biology of the human neuron - spiking neural networks.

HackControl

HackControl

HackControl services include penetration tests, security audits, block chain audits and brand and anti-phishing protection.

Red Sky Alliance

Red Sky Alliance

Red Sky Alliance (Wapack Labs Corp) is a cyber threat intelligence firm that delivers proprietary intelligence data, analysis and in-depth strategic reporting.

ECHO Project

ECHO Project

The main objective of ECHO is to strengthen the cyber defence of the European Union, enhancing Europe’s technological sovereignty through effective and efficient multi-sector collaboration.

Infinidat

Infinidat

Infinidat delivers enterprise-proven solutions for data storage, data protection, business continuity, and sovereign cloud storage.

Noerr

Noerr

Noerr is one of the top European law firms with 500 professionals in Germany, Europe and the USA. We provide solutions to complex and sophisticated legal matters including cyber risks.

Topsec Cloud Solutions

Topsec Cloud Solutions

The Topsec Managed Email Security Platform eliminates Spam, Viruses, Malware, and Phishing.

Astrill VPN

Astrill VPN

Astrill VPN is a Seychelles based Virtual Private Network(VPN) Company.

GreenPages Technology Solutions

GreenPages Technology Solutions

GreenPages provide expert strategic guidance and proven cloud-era solutions for our clients. Every day we help organizations leverage the cloud securely with less risk and cost.

CAT Labs

CAT Labs

CAT Labs is building digital asset recovery and cybersecurity tools to enable governments to fight crypto crime and to protect investors from hacks, fraud and scams.

Circle Security

Circle Security

Circle’s breakthrough security API unifies solutions for identity and data security into one architecture and empowers organizations to secure their identity, data and privacy in their applications.

Keepit

Keepit

Keepit offer all-inclusive, secure, and reliable backup and recovery services for your data.

Pvotal Technologies

Pvotal Technologies

Pvotal Technologies engineer complex, automated processes aligned with best AIOps, BizDevOps, DevSecOps, CloudOps, and ITOps practices.

CertifID

CertifID

CertifID is the only company dedicated to fighting fraud for the real estate industry with an identity verification SaaS platform, insurance, and proven recovery services.