NSO Group Hacking Prompts Apple To Add A ‘Lockdown Mode’ To Its Devices
Israeli malware maker NSO Group's frequent targeting of iPhones has led to multiple rounds of patches, a federal lawsuit, and Apple instituting a notification program to inform customers their devices have been compromised.
Apple's next move in this particular arms race will help defend users against malware deployment by government agencies, many of which use exploits purchased from NSO Group and its competitors.
Apple said Wednesday that it will introduce an innovative security feature to give potential targets of government hacking an easy way to make their iPhones safer.
The company said it would be releasing the new Lockdown Mode" in test versions of its operating systems shortly, with full distribution in the fall as part of iOS 16 for iPhones as well as the operating systems for iPads and Mac computers.
This addition won't be difficult to deploy, making it much more user-friendly than other options. A single button press in the Options is all it takes. The phone reboots in lockdown mode," blocking most attachments contained in messages, preventing the phone from previewing web links, and - somewhat surprisingly - disabling wired connections to other devices.
That last feature will prevent state-sponsored hackers or law enforcement from accessing the device's contents or installing exploits on phones seized from detainees and arrestees. It won't start rolling out until September, but one should expect to see law enforcement officials start complaining about this feature sooner than that.
Expect the FBI to take the lead on the complaining. It has spent years claiming encryption dead-ends investigations and allows criminals to hide evidence from investigators. It will likely make the same claim about this option, even as it publicly admits state-sponsored hacking is an omnipresent concern.
In just the last week, the FBI and Britain's MI5 intelligence organization took the rare step of issuing a joint warning of the immense" threat Chinese spies pose to our economic and national security," and that its hacking program is bigger than that of every other major country combined."
According to the FBI, it's okay for the government and large businesses to protect themselves against malicious hackers by limiting attack services and deploying encryption. But it's not okay for the average iPhone user to do the same thing because a cop may possibly want to examine a device's contents at some point.
And that is what's being addressed with Apple's lockdown mode." State-sponsored hackers and purchased exploits aren't just being deployed against government agencies, large corporations, and political leaders. It's also being used against journalists, dissidents, government critics, and religious minorities.
Apple's move makes sense and shows the company actually cares about protecting its customers from malware, exploits, and other forms of device compromise - no matter who's doing the dirty work. It's bound to anger law enforcement. But, just like encryption itself, you can't lock out the bad guys without locking up some of the good guys. It either provides protection or it's a compromise that will only lead to compromised devices.