Apple previews “Lockdown Mode,” a new extreme security feature

Apple on Wednesday shared details of a new, extreme security option called “Lockdown Mode” for Apple device users who face serious, sophisticated digital threats. 

Lockdown Mode will be available this fall with iOS 16, iPadOS 16 and macOS Ventura. The new feature is designed for the few users — such as journalists, activists or government officials — who may be targets of NSO Group or other private companies developing state-sponsored mercenary spyware. 

Turning on Lockdown Mode hardens defenses on your device and strictly limits certain functionalities, reducing the ways your device could be exploited by cyberattacks. When it launches, the feature will offer the following protections: 

• Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled. 
• Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
• Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
• Wired connections with a computer or accessory are blocked when iPhone is locked.
• Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.

Ivan Krstić, Apple’s head of Security Engineering and Architecture, called Lockdown Mode “a groundbreaking capability.” 

“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” Krstić said in a statement. “That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks.” 

To improve the feature over time, Apple has established a new category within the Apple Security Bounty program to reward researchers who find Lockdown Mode bypasses. Bounties are doubled for qualifying findings in Lockdown Mode, up to a maximum of $2 million. 

Back in November, Apple filed a lawsuit against NSO Group and its parent company, seeking a permanent injunction banning NSO Group from using any Apple software, services, or devices. The complaint provided information on how NSO Group infected victims’ Apple devices with its Pegasus spyware. At the time, Apple also said it would donate Apple $10 million, as well as any damages from the lawsuit, to organizations working on cybersurveillance research and advocacy.

On Wednesday, the company said it would make the donation to the Dignity and Justice Fund, a private foundation established and advised by the Ford Foundation dedicated to advancing equity worldwide. With the donation, the Dignity and Justice Fund will offer grants this year and next to initiatives that help expose mercenary spyware and protect potential targets.