Apple devices getting beefed-up defense against spyware
Jul 07, 2022 - 01:25 AM
SAN FRANCISCO — Apple on Wednesday unveiled a new way for activists, journalists and other targets of state-sponsored espionage to protect themselves from spyware.
A Lockdown Mode being added to iPhones, iPads, and Mac computers is intended to counter threats from a thriving industry that provides sophisticated espionage tools to governments.
“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” Apple head of security engineering Ivan Krstic said in a blog post.
The tech giant is upping the bounty it pays researchers for uncovering vulnerabilities in its software when it comes to Lockdown Mode, raising the maximum reward to $2 million.
Concerns over digital snooping have been fueled by media outlets reporting that Pegasus spyware made by NSO Group in Israel was being used by governments to surveil opponents, activists and journalists.
Apple is suing NSO Group in US federal court, saying the Israeli firm’s spyware was used to attack a small number of iPhone users worldwide.
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability,” Apple senior vice president of software engineering Craig Federighi said when the suit was filed late last year.
“That needs to change.”
Pegasus infiltrates mobile phones to extract data or activate a camera or microphone to spy on their owners.
NSO Group says the software is only sold to government agencies to target criminals and terrorists with the green light of Israeli authorities.
A Spanish court last month said a judge wants to visit Israel to quiz the NSO Group’s top executive over a top-level hacking scandal involving the Spanish premier’s phone.
Meanwhile, Google last month said that an Italy-based firm’s hacking tools were used to spy on Apple and Android smartphones in Italy and Kazakhstan, casting a light on a “flourishing” spyware industry.
Google’s threat analysis team said spyware made by RCS Lab targeted the phones using a combination of tactics including unusual “drive-by downloads” that happen without victims being aware.
Google said it warned Android users targeted by the spyware and ramped up software defenses.
The Google threat team is tracking more than 30 companies that sell surveillance capabilities to governments, according to the Alphabet-owned tech titan.
“The commercial spyware industry is thriving and growing at a significant rate,” Google said.
Apple’s Lockdown Mode is designed to block or disable some features and capabilities to prevent them being taken advantage of by spyware.
The extreme, optional mode “hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware,” Apple said.