Pegasus. Behind this name hides one of the biggest scandals of recent years, but also one of the most sophisticated cyberattacks. Leaders, journalists, diplomats, politicians, celebrities: many public figures have been victims of this spyware, produced by NSO Group and backed by states, which is capable of accessing the most sensitive data on an iPhone.
After releasing a series of updates to counter its attacks, Apple has decided to strike harder by launching a feature called "Lockdown" or "Isolation". According to the brand, this mode is coming this fall with iOS 16, iPadOS 16 and macOS Ventura. "While the vast majority of users will never fall victim to targeted cyberattacks, we work hard to protect the rare victims of these attacks," explains one executive, who speaks of the fight against "mercenary" spyware.
Block intrusion attempts
Concretely, Isolation mode offers "an extreme and optional level of security to personalities who may be personally targeted by extremely sophisticated threats, such as those from the NSO Group and other private companies developing state-sponsored spyware."
By activating this mode, the user limits certain functionality, which reduces the attack surface available to the spyware. For example, Isolation mode blocks most types of attachments, and some features, such as link previews, are disabled. Why? Because Pegasus made it possible to take control of an iPhone simply by displaying a link in an SMS!
Next, certain web technologies in Safari, such as just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Isolation mode. In addition, incoming invitations and service requests, such as FaceTime calls, are blocked if the user has never sent a call or request to their sender before. Here again, it had been proven possible to hack an iPhone via a FaceTime call.
Huge bounty to improve function
Wired connections to a computer or accessory are blocked when the iPhone is locked. Again, this is to counter spyware capable of accessing, via Bluetooth or wireless, the phone's content even when it is on standby. Finally, no configuration profile can be installed and the device cannot be enrolled in a mobile device management (MDM) solution while Isolation mode is enabled.
At the same time, Apple has decided to devote $10 million to a research program on this state-backed spyware. Finally, the brand is doubling the bounty offered through its Apple Security Bounty to reward experts able to "crack" Isolation mode and so help improve its protections. If flaws are discovered, the bounty could reach two million dollars, the highest amount in the sector, which shows how seriously Apple takes these threats.