Apple Announces ‘Lockdown Mode’ to Protect Journalists and Human Rights Workers From Spyware

Apple has announced a new set of iPhone features called “Lockdown Mode.”

Unveiled in a blog post on Wednesday, Lockdown Mode will land on iOS 16, iPadOS 16, and macOS Ventura devices in the fall of this year, and offer a number of security features.

Apple called the mode an “extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats."

The company directly mentioned the NSO Group, and more generally “other private companies developing state-sponsored mercenary spyware.”

Turning on Lockdown Mode will harden device defenses and strictly limit certain functionalities, thus reducing the attack surface that potentially could be exploited by spyware.

“Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” explained Ivan Krstić, Apple’s head of security engineering and architecture. 

In terms of specific features, Lockdown Mode will block most message attachment types and disable link previews.

The mode will also disable some web technologies like just-in-time (JIT) JavaScript compilation (unless the user excludes a trusted site from Lockdown Mode), and block incoming invitations and service requests.

Finally, wired connections with a computer or accessory are blocked in Lockdown Mode when iPhone is locked, configuration profiles cannot be installed, and the device cannot enroll in mobile device management (MDM).

Moving forward, Apple said it intends to continue to strengthen Lockdown Mode and add new protections to it over time.

“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” Krstić said.

“That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”

To this end, the firm has also established a new category within the Apple Security Bounty program to reward researchers who find Lockdown Mode bypasses and help improve its protections.

Bounties are doubled for all qualifying findings in Lockdown Mode, and they go up to a maximum of $2m.

What’s Hot on Infosecurity Magazine?