Cyber experts SANS Institute praise Apple's Lockdown Mode

According to cybersecurity expert John Davis, Director UK & Ireland, SANS Institute, the new feature will help protect users but calls for vigilance

Apple has announced the launch of 'Lockdown Mode', which is designed to offer increased protection from mobile spyware, a common tool in a cybercriminal’s kit that may be used to steal valuable information from a victim.

According to John Davis, Director UK & IrelandSANS Institute, contrary to popular belief, "mobile malware less often relies on zero-day vulnerabilities, but more commonly leverages known, reported security loopholes, hoping to target unpatched systems or applications, to infiltrate and wreak havoc on mobile devices".

While mobile users "need to be wary of suspicious SMS/iMessage notes, or mechanisms around “overlay” applications," he argues, "these are designed to look like legitimate applications, but instead contain trojans developed to steal user data to send to malicious third parties."

According to the BBC, Apple is currently suing Israeli spyware firm NSO Group, accusing it of targeting victims in 150 different countries with its powerful Pegasus spyware, which 'could infect both iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras.'

John Davis, SANS Institute

A step forward for Apple users, but not the time to relax

While Apple’s Lockdown Mode could go a long way towards preventing spyware cyber-attacks for its customers, Davis adds that "end users should remember best practices they learned on other digital platforms and keep up good habits when accessing, storing, and utilising sensitive information on mobile devices".

In addition, Davis suggests that users "should also be reticent to not relax or adjust in-built security settings, as doing so opens up devices to vulnerabilities. Keep your devices current and updated and adhere to the security settings already in place to make for a safer overall experience. If there are red flags, don’t ignore them – valuable information flows on phones every day, so if cybercriminals can access this, then it can potentially spell disaster for individuals or companies.”

The SANS institute

Regarded as one of the most trusted resources for cybersecurity training, certifications and research, the SANS Institute was launched in 1989 as a cooperative for information security thought leadership.

Their mission is to empower cyber security professionals with the practical skills and knowledge they need to make our world a safer place. To aid this effort, they provide high quality training, certifications, scholarship academies, degree programs, cyber ranges, and resources to meet the needs of every cyber professional. 

Share

Featured Articles

Why AWS has Tapped Intel for Custom AI Fabric Chips

Amazon Web Services has extended its partnership with Intel to develop bespoke AI processors, bolstering US chip manufacturing and cloud innovation

Tech & AI LIVE New York Welcomes Three More Speakers

Executives from Ping Identity, ServiceNow and Consumer Technology Association are announced to be joining the line-up at Tech & AI LIVE New York

Why Barclays Has Bet Big on HPE for Private Cloud

Barclays CTO Stephen Flaherty and HPE SVP Matt Harris on why the bank has doubled down on HPE GreenLake, signalling a strategic shift in cloud adoption

How Microsoft is Helping Develop Practical Quantum Computing

Digital Transformation

Why JFK Airport is Embracing an AI-Driven Data Strategy

AI & Machine Learning

Tech & AI LIVE: Gen AI Announces Four New Speakers

AI & Machine Learning