The announcement, made Wednesday, comes after at least two Israeli companies exploited flaws in Apple software to remotely hack into iPhones without the target having to click or tap anything. NSO Group, the maker of the “Pegasus” software that can carry out such attacks, has been sued by Apple and placed on a trade blacklist by US officials. “Lockdown Mode” is coming to Apple’s iPhones, iPads and Macs this fall, and turning it on will block most attachments sent to the iPhone’s Messages app.
“While the vast majority of users will never fall victim to highly targeted cyber attacks, we will work tirelessly to protect the small number of users who are,” said Ivan Krstić, Apple’s head of Security Engineering and Architecture.
“This includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world who are doing critical work to expose the mercenary companies that create these digital attacks.”

What “Lockdown Mode” will do

Lockdown Mode will block various types of message attachments, disable link previews, disable certain web browsing technologies, block FaceTime invites and calls from unknown sources, and disable setting up new configuration profiles or enrolling in Mobile Device Management (MDM). The new feature will also block wired connections to iPhones when they’re locked. Israeli company Cellebrite has used such wired connections to access iPhones, while security researchers believe NSO Group exploited a flaw in the way Apple handled message attachments.
Apple representatives said they believe the sophisticated attacks the new feature is designed to combat, called “zero-click” hacking techniques, are still relatively rare and that most users won’t need to enable the new feature. Spyware companies have argued that they sell high-powered technology to help governments prevent national security threats. However, human rights groups and journalists have repeatedly documented the use of spyware to attack civil society, undermine political opposition and interfere in elections.
To bolster the new feature, Apple said it would pay up to $2 million (€1.95 million) for each flaw security researchers can find in the new feature, which Apple representatives said was the highest such “bug bounty” offered in the industry. Apple also said it is awarding a $10 million (€9.8 million) grant, plus any potential proceeds from its lawsuit against NSO Group, to teams that find, expose and work to prevent targeted hacks. Apple said the grant will go to the Dignity and Justice Fund established by the Ford Foundation, one of the largest private foundations in the United States.