Apple Rolls Out New Tools to Fight ‘State-Sponsored Mercenary Spyware’

Apple unveiled new tools this week it said are designed to prevent “state-sponsored mercenary spyware” from victimizing its customers.

The large tech company rolled out “Lockdown Mode” for operating systems used on its phones, tablets and computers, and Apple described its new cybersecurity protections as “extreme” and optional.

Apple’s head of security engineering and architecture, Ivan Kristić, said the mode was designed to combat the most sophisticated attacks.

“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” Mr. Kristić said in a statement. “That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”

Features enabled by Lockdown Mode include blocking most message attachments other than images and the disabling of link previews, incoming invitations such as FaceTime calls are blocked if the user has not previously called the person initiating the call, and wired connections with a computer are blocked when an iPhone is locked, among other things.

The limitations developed for Lockdown Mode are designed to combat threats like those posed by NSO Group, according to Apple.

Last year, an NSO Group exploit that affected Apple devices was discovered by the Toronto-based research group Citizen Lab. Apple later issued a security update.

NSO Group’s Pegasus product gave people access to a smartphone user’s messages, camera and microphone without any action by the victim, according to the Pegasus Project, which was an investigation organized by the nonprofit news organization Forbidden Stories.

Citizen Lab alleged in 2018 that NSO Group’s Pegasus spyware was used by people across 45 countries.

Citizen Lab senior researcher John Scott-Railton cheered Apple’s new cybersecurity tools on Twitter.

“In #LockdownMode, we see high-impact changes that stomp on specific attack categories that mercenary spyware companies et al. exploit,” Mr. Scott-Railton tweeted. “Does this cover all possible desirable things? No. Not yet (one can hope!). But this is a broad set of welcome protections.”

Reporting from The Washington Times.