Over the past year, we have seen a rise in highly sophisticated cyber attackers targeting high-profile individuals such as government leaders, journalists, activists, business leaders, and others. One prime example is the NSO Group’s Pegasus spyware, which has been used worldwide and highlights the serious threats facing such individuals.
What can high-profile business leaders do to protect themselves and their organizations from these rising risks? Apple recently announced one solution designed to help: Apple Lockdown Mode. This tool is the first to offer advanced protection for users at risk of highly targeted attacks from Pegasus, or similar sophisticated spyware.
Apple Lockdown Mode works by increasing defenses and limiting device functionalities that could create risk. For instance, it blocks attachments and link previews to messages and disables some web browsing functionalities. It also blocks incoming FaceTime calls and other requests from those not previously contacted, wired connections with a computer, and the installation of new configuration profiles. It is important to understand that to enable the highest level of device protection, aspects of functionality must be compromised.
Apple Lockdown Mode is a helpful tool to protect specific users against highly targeted attacks. However, it is not the solution to protect ordinary users from today’s broad range of threats. The reality is that most of the risk that individuals and organizations face today can be prevented with a comprehensive device management and monitoring strategy, and without dramatically limiting device functionality. Apple itself recognizes this, calling the Lockdown tool “extremely optional” and that most individuals will never need this extreme level of protection in their lifetimes.
Given the rare nature of these highly targeted attacks, most managed service providers (MSPs) will never need to deploy Apple Lockdown Mode. Instead, they should continue to focus on helping businesses build a broader security strategy that includes device management and monitoring to ensure protection for all users, whether they are high-profile or not. Additionally, MSPs need to consider the specific device management capabilities they can offer for Apple devices, which often require specialized management capabilities for customers.
For those who need Apple Lockdown Mode, they will have access to it with iOS 16, iPadOS 16, and macOS Ventura. Apple says it plans to continue adding to the tool’s capabilities over time and has launched a new category in its Apple Security Bounty program to reward those who find ways to bypass its protections (with a bounty of up to $2,000,000).
As cyber threats continue to rise, MSPs have an immense opportunity to prove their value as trusted advisors by helping their customers navigate the best way to secure their devices. While that may or may not involve Apple Lockdown Mode, it should include conversations about how to build a holistic strategy around securing Apple devices for all users. In doing so, MSPs can help ensure their customers are protected across every situation and threat they may face.