Apple has a reputation for providing top-tier privacy and security on all its products. So, when the news broke that iPhones were targeted earlier this year by a powerful spyware sold to nation-states, we knew it’d only be a matter of time before Apple swung into action. And swing into action they did.
Apple not only sued the Israeli-based spyware firm, NSO Group, which was responsible for the Pegasus spyware attack, but they also included a new feature to amp up security on iPhones. Apple is calling the superhero feature “Lockdown Mode”, and it’s an “extreme, optional” security resort (via Apple), since spyware like Pegasus only targets a hyper-specific set of users. These include dissidents, lawyers, journalists, human-rights workers, and politicians.
The feature will be available on Apple’s soon-to-be-released iOS 16, which is packed with a ton of other new features — including the ability to unsend and edit iMessages. Let’s check out how Lockdown Mode will work, and how you can enable it if you ever need to.
What is Lockdown Mode, and how does it work?
Basically, Lockdown Mode protects your device by disabling automated responses that could make it vulnerable to attacks, particularly sophisticated, high-level threats like the Pegasus spyware. This will strengthen device defenses, but inevitably restrict many major functionalities—a necessary trade-off for such high security.
Here are some of the functions you’ll lose while on Lockdown Mode (via CNET):
Web browsing: Lockdown Mode will block access to web browsers, except when a user excludes a trusted site.
Message attachments: Only trusted image formats will be allowed in iMessage, and users will not be able to preview links.
Shared albums: Shared albums will be removed from the Photos app, and new Shared albums invitations will be blocked.
Accessory Connections: If your device is locked, a wired connection with any computer or accessory will be automatically blocked.
FaceTime: There will also be restrictions on all incoming requests or invitations, including FaceTime, unless you have previously sent the initiator a connection request.
New profiles: Your devices won’t be able to activate mobile device management (MDM). Also, configuration profiles, which organizations typically use to update settings and security protocols on associated devices, will be blocked.
Although Apple didn’t explain why these specific features are a part of Lockdown Mode, it’s not difficult to find the common thread. These are some of the most common sources of user data that hackers exploit. In fact, the Pegasus spyware was deployed using some of these attack vectors. Pegasus allegedly exploited a vulnerability in WhatsApp’s VoIP stack, which is used to make video and audio calls.
How to enable lockdown mode
Regular iPhone users will probably never need to enable Lockdown Mode. But if you ever think you’re at risk of malware attacks, and are running iOS 16 or iPadOS 16, you should take advantage of the feature. Here’s how to use it:
- Open the Settings app on your device.
- Locate and select the Privacy & Security tab.
Scroll down and select the Lockdown Mode tab.
On the next pop-up screen with information about Lockdown Mode, scroll down and select Turn On Lockdown Mode.
Next, a prompt will appear, asking you if you’re absolutely sure you want to enable Lockdown mode. Tap Turn On & Restart.
Your device will restart to activate Lockdown Mode, and you will notice the restrictions on certain features, as stated above. To exit Lockdown Mode on your device, repeat the same steps and toggle it off. You may need to manually re-activate some features, like Shared Photo Albums, after turning off Lockdown Mode.
Lockdown Mode is still in its early days
The Lockdown Mode you’ll get at launch is the first iteration of the feature, so there’s a lot to improve on. Apple says Lockdown mode will get more robust over time, by adding new security measures. More than anything else, Lockdown Mode is damage repair for the black-eye that Apple’s reputation suffered as a result of the Pegasus hack. The company prides itself in providing top-notch device security, so it’s not great for business if government officials and the like think that they have to look elsewhere for secure devices.
By providing Lockdown Mode, even though these high-risk attacks only target a small set of people, Apple is reinforcing its reputation for being a user-first, security-conscious company. It has also created a new category within the Apple Security Bounty program to pay researchers who discover loopholes in Lockdown Mode and help improve its security. Rewards are doubled for qualifying findings in Lockdown Mode, with bounties going up to $2,000,000 — the highest maximum bounty payout in the industry (via Apple Newsroom).
To boot, Apple is donating $10 million to organizations that investigate, expose, and prevent targeted cyberattacks, including those produced by private companies creating state-sponsored mercenary spyware, in addition to any damages awarded from the lawsuit brought against NSO Group.