Apple unveils new security setting to block Pegasus attacks on iPhones

The action follows waves of attacks documented by The Washington Post and others showing that iPhones were being hacked by Pegasus spyware distributed by the Israeli company NSO Group and then used to capture contact information and live audio. But while Pegasus prompted Apple to act, it is not the only spyware that would be hobbled by the new feature.

Once engaged, Lockdown Mode will block most types of attachments on messages and prevent the phone from previewing Web links, which are frequently used to transmit spyware. Locking a phone will disable wired connections to computers and accessories that are used to take control of devices that have been seized by police or stolen by spies.

Apple’s lockdown tactic resolves a long-standing tension in its design approach between security concerns and the pursuit of easy-to-use, highly functional capabilities. The extra usability made the phones more vulnerable to attack through iMessage, FaceTime and other software. Lockdown Mode gives users the choice of whether to maintain those features. When activated, it limits what the phone can do.

Ivan Krstić, Apple’s head of security engineering, said that “the vast majority of users” will have no need of the high-security mode but that the company will work with security researchers to keep protecting the minority at severe risk. The more secure mode can be easily toggled on and off, but Apple said the highest-value targets would probably leave it on.

After The Post and an international consortium of news outlets reported last year that Pegasus had been used against political dissidents, human rights advocates and journalists, Apple sued NSO and issued its first sweeping notifications to those who may have been hacked by NSO’s government clients. The United…