Apple slaps hard against ‘mercenary’ surveillance-as-a-service industry

Apple has struck a big blow against the mercenary “surveillance-as-a-service” industry, introducing a new, highly secure Lockdown Mode to protect individuals at risk of targeted attacks. The company is also committing millions of dollars to support research that uncovers such threats.
Starting with iOS 16, iPadOS 16 and macOS Ventura, and currently available only in the latest developer betas, Lockdown Mode hardens security and in some cases limits functionality that has been abused by state-sponsored surveillance hackers. Apple describes this defense as “a sharp reduction in the attack surface that could be exploited by highly targeted mercenary spyware.”
In recent years, a series of targeted spyware attacks against journalists, activists and others have been exposed. Names including Pegasus, DevilsTongue, Predator, Hermit, and NSO Group have undermined trust in digital devices and exposed the risk posed by semi-private entities and the threat they pose to civil society. Apple has no intention of tolerating such practices, filing suit against the NSO Group in November and promising to oppose such practices where possible.
“Apple’s newly released Lockdown Mode will reduce the attack surface, increase costs for espionage businesses, and make it much harder for repressive governments to hack high-risk users,” said John Scott-Railton, a senior researcher at the Citizen Lab at the University of Toronto’s Munk School of Global Affairs and Public Policy.
“We congratulate [Apple] for protecting human rights defenders, heads of state, lawyers, activists, journalists and many more,” tweeted the EFF, a privacy advocacy group.
What does Lockdown Mode do?
Currently, Apple says that Lockdown Mode provides the following protections:
- Messages: Most types of message attachments other than images are blocked. Some features, such as link previews, are disabled.
- Web browsing: Certain complex web technologies, such as just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
- Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked unless the user has previously sent a call or request to the initiator.
- Wired connections with a computer or accessory are blocked when the iPhone is locked.
- Configuration profiles cannot be installed, and the device cannot enroll in mobile device management (MDM), while Lockdown Mode is enabled.
Ivan Krstić, Apple’s head of Security Engineering and Architecture, notes that Lockdown Mode can be applied to devices already enrolled in an MDM service. “Enabling Lockdown Mode preserves the existing MDM enrollment,” he tweeted.
The company says it intends to expand the protections provided by Lockdown Mode over time and is investing millions in security research to help identify vulnerabilities and strengthen these protections.
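The list above is a set of deny-by-default policy decisions. The following is an added example, written for this page and not Apple's code, that models those decisions as a small policy object so the logic can be exercised: attachments are allowed only when they are images, JIT is re-enabled only for a site the user explicitly excluded, inbound invitations are accepted only from parties the user contacted first, wired accessories are refused while the device is locked, and profile installation is refused outright. The hostname matching, the MIME-type check, and the event names are assumptions made for the model; real devices implement these checks differently.

```python
"""Model of the Lockdown Mode decisions listed above (not Apple's code)."""
from dataclasses import dataclass, field


@dataclass
class LockdownPolicy:
    # True when the user has switched Lockdown Mode on.
    enabled: bool = True
    # Sites the user explicitly excluded from Lockdown Mode.
    # Assumption for this model: matched by exact hostname.
    trusted_sites: set[str] = field(default_factory=set)
    # Parties the user has already called or sent a request to.
    outbound_contacts: set[str] = field(default_factory=set)

    def allow_attachment(self, mime_type: str) -> bool:
        """Messages: block most attachment types; images remain allowed."""
        if not self.enabled:
            return True
        return mime_type.lower().startswith("image/")

    def link_previews_enabled(self) -> bool:
        """Messages: link previews are disabled under Lockdown Mode."""
        return not self.enabled

    def jit_enabled(self, host: str) -> bool:
        """Web: JIT stays off unless the user excluded the site."""
        return (not self.enabled) or host.lower() in self.trusted_sites

    def record_outbound(self, contact: str) -> None:
        """Remember that the user initiated contact with this party."""
        self.outbound_contacts.add(contact.lower())

    def allow_inbound_request(self, sender: str) -> bool:
        """Apple services: accept invitations only from parties contacted first."""
        return (not self.enabled) or sender.lower() in self.outbound_contacts

    def allow_wired_accessory(self, device_locked: bool) -> bool:
        """Wired connections are refused while the device is locked."""
        return (not self.enabled) or not device_locked

    def allow_profile_install(self) -> bool:
        """Configuration profiles and new MDM enrollment are refused."""
        return not self.enabled


def evaluate(policy: LockdownPolicy, events: list[tuple[str, str]]) -> list[bool]:
    """Run constructed events through the policy in order, returning one decision each.

    Event kinds (assumed names for this model): attachment, inbound_request,
    outbound_request, jit, wired, profile_install.
    """
    decisions = []
    for kind, arg in events:
        if kind == "attachment":
            decisions.append(policy.allow_attachment(arg))
        elif kind == "inbound_request":
            decisions.append(policy.allow_inbound_request(arg))
        elif kind == "outbound_request":
            policy.record_outbound(arg)   # outbound contact is always allowed
            decisions.append(True)
        elif kind == "jit":
            decisions.append(policy.jit_enabled(arg))
        elif kind == "wired":
            decisions.append(policy.allow_wired_accessory(arg == "locked"))
        elif kind == "profile_install":
            decisions.append(policy.allow_profile_install())
        else:
            decisions.append(False)       # unknown event: fail closed
    return decisions


# Constructed sample sequence; the hostnames and contact names are made up.
CONSTRUCTED_EVENTS = [
    ("attachment", "image/jpeg"),
    ("attachment", "application/pdf"),
    ("inbound_request", "unknown-caller"),
    ("outbound_request", "colleague"),
    ("inbound_request", "colleague"),
    ("jit", "untrusted.example"),
    ("jit", "intranet.example"),
    ("wired", "locked"),
    ("profile_install", ""),
]


def demo() -> list[bool]:
    """Decisions for the constructed events with Lockdown Mode on."""
    policy = LockdownPolicy(enabled=True, trusted_sites={"intranet.example"})
    return evaluate(policy, CONSTRUCTED_EVENTS)


if __name__ == "__main__":
    for event, allowed in zip(CONSTRUCTED_EVENTS, demo()):
        print(f"{event[0]:16} {event[1]:20} -> {'allow' if allowed else 'block'}")
```

The point the model makes is the direction of the default: every branch returns `False` unless Lockdown Mode is off or the user took an explicit action earlier (excluding a site, contacting a party), which is what “reduction in attack surface” means in practice.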
How to enable Lockdown Mode
Turning on Lockdown Mode.
- Lockdown Mode is enabled in Settings on iPhones and iPads and in System Settings on macOS.
- It appears as an option in Privacy & Security, listed at the bottom of the page.
- Tap Lockdown Mode and you will be told that it provides “Extreme, selective protection that should only be used if you believe that a highly sophisticated cyber-attack could personally target you. Attacks like this never target most people.”
- The prompt also warns users that certain features they are used to will no longer work. Shared photo albums will be removed, and invitations will be blocked.
What is the scale of this threat?
These attacks do not come cheap, which means that most people are unlikely to be targeted in this way. Apple began sending threat notifications to potential Pegasus victims soon after the spyware was exposed and says the number of people targeted by such campaigns is relatively small.
Even so, the scale is international: the company has been warning people in about 150 nations since November 2021. A BBC report confirms hundreds of targets and thousands of leaked phone numbers attributed to NSO’s Pegasus alone. Victims have included journalists, politicians, civil society advocates, activists, and diplomats, so while the numbers are small, the chilling effect of such surveillance is great.
I believe such technologies will become cheaper and more widely available over time, so it is only a matter of time before they are used more broadly. Ultimately, the existence of such attacks – state-sponsored or not – makes the whole world less safe, not safer.
“There is now undeniable evidence from the research of the Citizen Lab and other organizations that the mercenary surveillance industry is facilitating the spread of authoritarian practices and gross human rights abuses around the world,” said Citizen Lab Director Ron Deibert in a statement. Deibert told CNET he thinks Lockdown Mode will deal a “major blow” to espionage companies and the governments that use their products.
“While the vast majority of users will not be victims of targeted cyber-attacks, we will work hard to protect the small number of users who are,” said Apple’s Krstić in a statement. “This includes continuing to design protections specifically for these users, as well as supporting researchers and organizations around the world who are doing vital work in exposing mercenaries who create these digital attacks.”
There is little doubt that Microsoft and Google will also move to provide similar protection to users. Google and Meta already offer tools to secure the accounts of those at “high risk of targeted online attacks,” but these tools do not go as far as Lockdown Mode.
Apple’s investments in security
Apple already invests heavily in security. For example, the company is working with others in the industry to support password-free authentication, has built-in tools to hide IP addresses, and continues to focus on user privacy.
The company will introduce a Rapid Security Response feature for its devices this fall, allowing security fixes to be deployed outside of full software updates. Apple is also investing in enhancing the security of programming languages, further eroding potential attack surfaces.
The company has now announced additional investment in the security community:
- Apple has established a new category within the Apple Security Bounty program to reward researchers who discover Lockdown Mode bypasses and help improve its defenses. Bounties are doubled for qualifying findings in Lockdown Mode, up to a maximum of $2,000,000, the highest maximum bounty payout in the industry.
- Apple is also making a $10 million grant, plus any damages awarded from the lawsuit it is pursuing against NSO Group, to support organizations that investigate, expose and prevent cyber-attacks, including those created by private companies developing state-sponsored spyware. This money is being donated to the Ford Foundation’s Dignity and Justice Fund.
What will the Dignity and Justice Fund do?
The fund will make its first grants later this year, initially focusing on initiatives to expose the use of mercenary spyware. In the press release announcing the initiative, Apple says these grants will focus on:
- Building organizational capacity and increasing field coordination among existing civil society cybersecurity research and advocacy groups.
- Supporting the development of standardized forensic methods for detecting and confirming spyware infiltration that meet evidentiary standards.
- Enabling civil society to partner more effectively with device manufacturers, software developers, commercial security firms, and other relevant companies to identify and address vulnerabilities.
- Raising awareness among investors, journalists, and policymakers about the global mercenary spyware industry.
- Building the capacity of human rights defenders to identify and respond to spyware attacks, including security audits for organizations that face heightened threats.
A global Technical Advisory Committee will advise on the fund’s grant-making strategy. Its initial members include Daniel Bedoya Arroyo, digital security service platform analyst at Access Now; Citizen Lab Director Ron Deibert; Paola Mosso, co-deputy director at The Engine Room; Rasha Abdul Rahim, director of Amnesty Tech at Amnesty International; and Apple’s Krstić.
Lori McGlinchey, director of the Ford Foundation Tech and Society Program, said:
“The global espionage trade targets human rights defenders, journalists and dissidents; it facilitates violence, strengthens authoritarianism, and supports political oppression. The Ford Foundation is proud to support this extraordinary initiative to bolster civil society research and advocacy to combat mercenary espionage. We need to build on Apple’s commitment, and we invite companies and donors to join the Dignity and Justice Fund and provide additional resources to this fight.”
What else can you do?
Following last year’s revelations about NSO Group, Apple published a series of recommendations to help users mitigate such risks. These guidelines do not come close to the strong protection you can expect from Lockdown Mode, but it makes sense for everyone to follow such practices:
- Update devices to the latest software, including the latest security fixes.
- Protect devices with a passcode.
- Use two-factor authentication and a strong password for your Apple ID.
- Install apps only from the App Store.
- Use strong, unique passwords online.
- Do not click on links or attachments from unknown senders.
In addition, Amnesty Tech is collecting signatures to end this type of targeted surveillance of human rights defenders. I would encourage readers to add their signature, as I have added my own.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Talk groups on MeWe.
Copyright © 2022 IDG Communications, Inc.