Apple is taking steps to increase security for people like journalists, activists, and politicians A new setting in iOS 16, iPadOS 16, and macOS Ventura called Lockdown Mode. This setting strengthens the iPhone, iPad, or Mac's defenses in a way that breaks methods we've seen to compromise devices for highly targeted attacks.
These are areas that we know could be vulnerable, like Google's Project Zero team Hinge how iPhones of Pegasus targets can be hacked in a "zero-click" scenario using GIF to exploit iMessage in the background . Other attacks repeatedly target MDM solutions or use malicious websites to exploit flaws in the show, lockdown mode locks these doors from the start.
Apple describes it as an "extreme and selective" level of protection, which is an apparent response to the growing use of state-sponsored mercenary programs like the Pegasus tool developed by NSO Group. Evidence of the program was found on the devices of journalists such as Jamal Khashoggi. According to Bloomberg reporter Markus Gorman, Apple just released iOS 16 developer beta 3, which includes lockdown mode.
In recent years, Apple has been criticized for not working with security researchers to find and fix vulnerabilities in its platforms like other big tech companies have done before. The iOS bug bounty program started in 2016. Eventually, the program expanded to cover other devices in 2019. While it said it would distribute dedicated security research devices to outside researchers.
Ivan Krstic, Apple's Head of Security Engineering and Engineering: "While the vast majority of users will never fall victim to highly targeted cyberattacks, we will work tirelessly to protect the small number of users, in addition to supporting researchers and organizations." around the world doing very important work to expose the mercenary companies that are manufacturing these digital attacks.”
When introducing new operating systems at WWDC 2022 in June, Apple said the new Rapid Security Response feature allows patches for security vulnerabilities to be deployed more quickly and take effect on your Mac without requiring a reboot. iOS 16 and macOS Ventura are also said to include support for new Passkey technology which will help eliminate the use of passwords.
Other tech companies have made similar efforts in some ways, such as Google's Enhanced Protection Program on their accounts and Microsoft's Super Duper Security Mode, which began testing Edge last fall. A few small businesses have tried it, too. We're introducing solid Android devices that promise protection from various vulnerabilities, but lockdown mode is a new level of security that will be available to millions of people once it's released with new software later this year updates is introduced.
Even with that protection, finding vulnerabilities in operating systems that control so many devices is a valuable endeavor, and Apple says it's doubling the reward for "qualifying results" in lockdown mode to $2 million, which it says according to the highest maximum reward in the industry is . . . Apple also says that no damages have been awarded from a lawsuit filed against NSO Group last fall It's being added to a $10 million grant to support organizations that "investigate, detect and protect targeted cyber attacks." including those developed by private companies that develop government-sponsored mercenary spyware."