Apple to add 'lockdown' mode to protect users from spyware attacks

Apple plans to roll out a 'lockdown' option for iPhones, iPads and Mac computers intended to protect against spyware unleashed by state-sponsored hackers. Photo / AP

Apple said it will roll out a "lockdown" option for iPhones, iPads and Mac computers intended to protect against spyware unleashed by state-sponsored hackers - although enabling that protection will also make these devices less useful.

The safeguard is a tacit acknowledgement that not even Apple - the world's most valuable company - has been able to adequately shield the iPhone and its other products against intrusions from state-backed hackers and commercial spyware. Governments have used these tools to violate the privacy of journalists, political dissidents, and human rights activists.

The new feature, called "lockdown mode", will initially be offered as a test version so that security researchers can help Apple identify any bugs or weaknesses. Apple usually releases its major updates to its device operating systems in late September.

While only a handful of countries appear to have the resources to develop in-house mobile phone-hacking tools, private companies like Israel's NSO Group have been selling phone-hacking software to government agencies around the world for years.

The growing hacker-for-hire problem prompted Apple to file a federal lawsuit late last year against NSO Group for breaking into iPhones and other Apple products. In its complaint, Apple accused NSO Group employees of being "amoral 21st-century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse".

NSO, which has been blacklisted by the US Commerce Department, has denied any wrongdoing and said its products have been used to thwart child abusers and terrorists.

Unlike the security features that Apple builds into most of its software, the company's lockdown feature is meant to serve as an emergency button that Apple expects will only be needed by a small number of its users.

The lockdown measure is considered a last resort for people targeted by spyware, since activating lockdown will disable many popular features. That includes sending attachments and links in texts, as well as the ability to receive FaceTime calls from new numbers. Web browsing will also be limited.

But Apple believes the extra layer of protection will be valuable to activists, journalists and other targets of hacking attacks launched by well-funded groups. Users will be able to activate and deactivate lockdown mode at will.

The growing use of encrypted communications through phone apps like WhatsApp and Signal have prompted governments to turn to commercial spyware vendors to gather information on targets.

Such mobile phone spyware vacuums up text messages, emails and photos while secretly controlling a smartphone's microphones and cameras. Some of the more advanced tools can infect a phone using so-called "zero click" exploits that don't depend on the user inadvertently activating them, such as by clicking on a malicious link.

Google, whose Android mobile phone platform is used by iPhone competitors, has also been targeted by commercial spyware vendors. The company's Threat Analysis Group says it's tracking more than 30 such companies and routinely publishes reports on exploits used to hack into phones, making them far less effective.

Google also offers an "Advanced Protection Program" that uses a special security key hardware to make user accounts harder to hack. The company said it strongly recommends the program for "journalists, activists, business executives, and people involved in elections".

Separately, Apple also provided more details about a $10 million grant it pledged last November to help counter large-scale hacking attacks. The money will go to the Dignity and Justice Fund, a philanthropic arm of the Ford Foundation.