iPhone attacks: should you be using Lockdown Mode?

Apple has today issued a patch for a highly sophisticated piece of spyware that was able to infect iPhones without the user doing anything. The only way to thwart it before Apple issued its security update? Putting your iPhone in Lockdown Mode.

Should we all be putting our iPhones into this hyper-secure mode to ensure we don’t become victims? Let’s explore the pros and cons.

The Blastpass attack

The vulnerability that Apple issued an urgent security update for is known as the Blastpass attack. It was discovered by The Citizen Lab at The University of Torontoʼs Munk School, who were examining the device of an individual employed by a Washington-based civil society organisation.

The Citizen Lab “found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware,” the Lab said in a statement.

The NSO Group is an Israeli “cyber-intelligence” firm that claims to develop “best-in-class technology to help government agencies detect and prevent terrorism and crime”, whilst simultaneously developing exploits such as Pegasus that fundamentally undermine security.

The Citizen Lab description of the exploit is brief, suffice to say it involved “malicious images sent from an attacker iMessage account to the victim”. Apple has subsequently released a patch for iOS and iPadOS that presumably thwarts the attacks.

However, before the patch was released, Citizen Lab advised “everyone who may face increased risk because of who they are or what they do to enable Lockdown Mode”. So what is the little-known Lockdown Mode and is it something you should consider using?

iPhone Lockdown Mode

Lockdown Mode was introduced by Apple last year, but it gets little attention. Most iPhone owners have probably never heard of it and there’s a good reason for that – it’s not designed for general use.

Lockdown Mode is intended for iPhone owners with unusually high security demands. People such as high-profile politicians, CEOs or security service staff who are handling highly sensitive information on their devices. The very people who might be specifically targeted by the Pegasus spyware, in fact.

The iPhone Lockdown Mode enacts a series of extra security measures that vastly reduce the functionality of the phone. For example, certain web browsing technologies are blocked, which might cause web pages to load more slowly or images to be replaced with icons. Incoming FaceTime calls are blocked from anyone you haven’t previously called. Many different types of message attachments are barred.

In other words, Lockdown Mode makes an iPhone a much less useful device. And that’s why Apple recommends it’s only used by the “very few individuals” who require enhanced security.

Still, if you’re determined to maximise security and aren’t bothered about reduced functionality, you’ll find Lockdown Mode by opening Settings > Privacy & Security. The same facility is available on iPad and Mac computers too.