A Apple said on Wednesday that it plans to release a new feature called “Lockdown Mode” next quarter that aims to add a new layer of protection for human rights defenders, political dissidents and other potential targets of sophisticated hacking attacks.
The move comes after at least two Israeli companies exploited flaws in Apple’s software to remotely hack iPhones without the target having to click or touch anything. The NSO Group, maker of the “Pegasus” software that can carry out these attacks, has been sued by the company and placed on a trade sanctions list by US authorities.
The feature will arrive on Apple’s iPhones, iPads and Macs in the middle of next quarter, and its activation will block most attachments sent to the iPhone’s messaging app. Security researchers believe the NSO Group exploited a flaw in Apple’s handling of message attachments.
The new mode will also block wired connections to iPhones when locked. Israeli company Cellebrite used these manual connections to access iPhones.
Apple officials said they believe the sophisticated attacks the new feature is designed to combat — hacking techniques known as “zero click” — are still relatively rare and that most users won’t need to activate the new mode.
Spyware companies argue that they sell high-powered technology to help governments thwart national security threats. But human rights groups and journalists have repeatedly documented the use of spyware to attack civil society, undermine political opposition and interfere in elections.
To help bolster the new feature, Apple said it will pay up to $2 million for every flaw security researchers find in the new mode, which Apple representatives said was the biggest “bug bounty” offered in the industry.
Apple also said it is making a donation of $10 million, in addition to any possible profits from its lawsuit against the NSO Group, to groups that find, expose and work to stop targeted hackers.
–