Apple plans new feature to protect journalists and human rights activists from spyware

It’s one of the biggest moves by a major tech firm in the fight against the lucrative spyware industry, whose tools can infiltrate devices even when the victim doesn’t press anything. It also comes as the Biden administration continues to try to curb the use of spyware.

A new feature called “Lockdown Mode” will allow anyone to effectively shield parts of their iPhone and other devices from possible attacks, including email attachments and unwanted FaceTime calls, with the touch of a button.

But there are some trade-offs for users in block mode. Device owners will not be able to use certain Apple (AAPL) features such as physically connecting to other computers when the phone is on the lock screen, or enrolling in mobile device management programs that some employers use to administer work phones.
There are over a billion iPhones in the world; the new feature is intended for a very small subset of Apple users who have been targeted by spyware. Apple declined to specify the number of customers that were victims of spyware, citing an ongoing lawsuit. But the company said it had already notified customers in about 150 countries that they could be targeted by spyware. Android, Google’s mobile operating system and the most widely used, had to deal with spywaretoo much.

The announcement is an acknowledgment that spyware is a global problem that pits the best engineering talent at companies like the NSO Group and tech giants against each other. Spyware creators will most likely try to find ways to bypass blocking mode. To account for this, Apple said it would pay security researchers who report vulnerabilities in the new feature up to $2 million.

While Apple continues to stress that it is rare for spyware to infiltrate its devices, there have been several high-profile cases where this has happened. Last September, Apple released a critical update to its software after it was discovered that spyware allegedly developed by the NSO Group had been used to track down a Saudi dissident. Apple then sued the NSO Group for allegedly violating the federal anti-hacking law. The NSO Group has long maintained that it only sells its software to authorized users for law enforcement and counterterrorism purposes.

From Morocco to Mexico to Singapore, digital forensics experts uncover spyware targeted at several technology platforms — and created by a number of vendors — that has been used to track the movements of human rights defenders, embassy officials, and other purposes. According to a 2019 investigation by Citizen Lab, a digital rights research center at the University of Toronto, one such target was the wife of a murdered Mexican journalist who was investigating drug cartels.

“Now there is incontrovertible evidence … that the hired spyware industry is facilitating the spread of authoritarian practices and massive human rights violations,” Citizen Lab director Ron Deibert told reporters this week ahead of the lockdown announcement.

Apple also said Wednesday it is giving $10 million to the Dignity and Justice Foundation, a Ford Foundation-recommended grantmaker that will support efforts to investigate and raise awareness of spyware. (Deibert is on the advisory board of this grant fund.)

The Biden administration has attempted to curb the spread of spyware by adding the NSO Group and Candiru, another Israeli supplier, to a Commerce Department list that restricts US business dealings with these firms.

The potential national security threat from spyware gained attention last year when the iPhones of about a dozen U.S. State Department employees working in Africa were hacked using an NSO Group proprietary product, CNN previously reported.

A spokesman for the NSO Group said at the time in response that once the firm became aware of the incident, it “decided to immediately terminate the affected customers’ access to the system due to the severity of the allegations.” The spokesperson also stated that he did not receive “any indication that NSO tools were used in this case.”

Leave a Reply

Your email address will not be published.