How Apple's latest security update is taking on 'mercenary spyware’

Daniel Howley

Apple (AAPL) on Thursday unveiled a unique new security feature designed specifically to take on the kind of dangerous spyware used by governments to eavesdrop on everyone from political dissidents and activists to journalists around the world.

The feature, called Lockdown Mode and available later this year with the release of iOS 16, iPadOS 16, and macOS Ventura, will allow Apple users to cut off access to a slew of communication features on their devices, ensuring, at least for now, that malicious actors can’t access their information.

The reason for the new security capability? Apple’s ongoing fight against Israel’s NSO Group and its Pegasus software, a powerful piece of spyware that can remotely suck up all of the information on a target device without the victim ever knowing.

“Apple makes the most secure mobile devices on the market. Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” Apple head of security engineering and architecture, Ivan Krstić, said in a statement.

But while Apple’s update will cut out current versions of NSO Group’s software, it’s far from a permanent solution. And NSO Group, and its competitors, could eventually break through Apple’s security barriers again.

Apple’s fight against Pegasus

Apple is quick to point out that Lockdown Mode is for a very specific group of users. So if you’re not a head of state or corporation, a political activist, or dissident, you likely won’t have to enable the feature.

When activated, however, Lockdown Mode creates a kind of panic room for your Apple device. It disables attachments and link previews in the Messages app, disables certain web technologies in the browser app, blocks things like FaceTime calls unless you’ve previously called a person, and more.

FILE - A logo adorns a wall on a branch of the Israeli NSO Group company, near the southern Israeli town of Sapir, Aug. 24, 2021. Tech giant Apple announced Tuesday, Nov. 23, that it is suing Israel’s NSO Group, seeking to block the world’s most infamous hacker-for-hire company from breaking into Apple's products, like the iPhone. (AP Photo/Sebastian Scheiner, File)
Apple's Lockdown Mode is designed to fight back against spying software like NSO Group's Pegasus. (AP Photo/Sebastian Scheiner, File) (ASSOCIATED PRESS)

Apple says it will continue to build on Lockdown Mode and release updates in the future. The company is also paying up to $2 million to hackers who can find bugs that break Lockdown Mode, an industry high. Companies regularly pay hackers to break their software in an effort to find bugs that can be used to create malware.

The ultimate piece of spyware

NSO Group’s Pegasus software isn’t your average piece of malware, though. It’s more or less the Holy Grail of spyware, giving the company’s customers, which include governments like Mexico, Saudi Arabia, and the United Arab Emirates, unfettered access to everything on a target’s Apple device.

The software initially required targets to unknowingly click a malicious link sent to an iPhone, but a secondary version could be installed on a device without the target having to do anything. In either situation, the target would never know that the software was installed on their device.

According to The Guardian, the spyware was used to track associates of murdered Washington Post journalist Jamal Khashoggi. U.S. intelligence officials believe Saudi Arabia’s crown prince, Mohammad bin Salman, ordered Khashoggi’s murder.

It’s such a powerful piece of technology that in Nov. 2021, the The Commerce Department blacklisted the NSO Group, eliminating its ability to purchase American goods.

Apple has been fighting the NSO Group and others like it for some time. In November, the company filed a lawsuit against the spyware maker in California alleging it attacked Apple, its services, and its customers. The iPhone maker isn’t the only tech giant going after NSO Group, either. WhatsApp parent Meta (META) is also suing the company after it developed spyware that could be installed on victims’ devices via WhatsApp messages.

While Apple is working to kill Pegasus’ ability to gain access to users’ devices, NSO Group will likely continue developing new ways of breaking into Apple’s software. That’s not an Apple problem alone, either.

Regardless of how well funded a tech company might be, adversaries creating code designed to exploit their software will always be ahead of the curve. That’s because at the end of the day, people create the software that powers tech giants’ products. And since malicious actors spend all of their time trying to crack that software, they’re always one step ahead of the good guys.

Still, Apple’s release is important in that it will protect its most vulnerable users. How long it will do so, though, is another issue.

Sign up for Yahoo Finance's Tech newsletter

More from Dan

Got a tip? Email Daniel Howley at dhowley@yahoofinance.com. Follow him on Twitter at @DanielHowley.

Click here for the latest trending stock tickers of the Yahoo Finance platform

Click here for the latest stock market news and in-depth analysis, including events that move stocks

Read the latest financial and business news from Yahoo Finance

Download the Yahoo Finance app for Apple or Android

Follow Yahoo Finance on Twitter, Facebook, Instagram, Flipboard, LinkedIn, and YouTube

Advertisement