Apple will release the regulation in the fall and believes it would have prevented previously known spyware attacks by closing technical avenues for digital espionage. It said the lockout feature was intended for users facing “severe, targeted threats to their digital security”. The news is a sign of how the proliferation of mercenary spyware, or tools that can be used by government clients to hack into any phones and control them remotely, has become a major business concern for Apple and other phone makers. While for years Apple appeared to downplay the threat to its customers posed by Pegasus and other eavesdropping software, including stressing that such hacks affected relatively few users, supporters of the company’s latest move say the new feature acknowledges the seriousness of the threat. Protections offered by the lock feature include blocking most message attachments, blocking incoming FaceTime calls if the user has not previously called the launcher or sent a call request, and blocking access to an iPhone when connected to a computer or accessory when locked. Ron Deibert, founder and head of the Citizen Lab at the University of Toronto’s Munk School, said the new regulation will “definitely” make it more challenging for clients of NSO Group and other companies to successfully target individuals, and compared it to the introduction of . of two-factor authentication. “In other words, it introduces some security measure that reduces functionality and user experience in exchange for security. And… hopefully other platforms would do something similar,” Deibert said. “We have seen the major technology platforms begin to address the threats posed by the spyware mercenary industry. We certainly applaud and welcome it.” He added that if the new setting is adopted by users, it “will completely reduce the possibility of some flaw in apps or other pieces of software getting in and being exploited” that allow spyware like Pegasus to infect a phone. When an iPhone or other mobile device is infected with Pegasus, the spyware user can actually take over that phone, accessing messages, photos and location. The software can even turn a phone into a remote listening device. Apple does not disclose the number of its users subjected to Pegasus-style hacks, but its devices have been victims of highly targeted attacks in 150 countries. Pegasus is a hacking program developed and licensed to governments around the world by NSO Group, an Israeli company. It can infect iOS or Android phones and can be delivered through “zero-click” attacks, which require no interaction with the phone’s owner to gain entry to the device. Subscribe to First Edition, our free daily newsletter – every morning at 7am. BST Apple, which is suing NSO in the US, said the new feature was designed for users at risk of being targeted by some of the “most sophisticated digital threats, such as those from the NSO Group and other private companies that develop state-sponsored spyware . He described the feature — which will come with iOS 16, iPadOS 16 and macOS Ventura in the fall — as an optional measure for a “very small number of users.” Apple is offering a $2m (£1.7m) reward to anyone who can find a way around the new regulation. He also announced a $10 million grant to the Dignity and Justice Fund, a funding initiative established by the Ford Foundation to help it uncover and investigate targeted cyber attacks. NSO said it investigates all credible allegations of abuse against its government customers and that its spyware is only intended to target serious criminals, such as pedophiles and terrorists.
