Cyber experts SANS Institute praise Apple's Lockdown Mode

According to cybersecurity expert John Davis, Director UK & Ireland, SANS Institute, the new feature will help protect users but calls for vigilance

Apple has announced the launch of 'Lockdown Mode', which is designed to offer increased protection from mobile spyware, a common tool in a cybercriminal’s kit that may be used to steal valuable information from a victim.

According to John Davis, Director UK & IrelandSANS Institute, contrary to popular belief, "mobile malware less often relies on zero-day vulnerabilities, but more commonly leverages known, reported security loopholes, hoping to target unpatched systems or applications, to infiltrate and wreak havoc on mobile devices".

While mobile users "need to be wary of suspicious SMS/iMessage notes, or mechanisms around “overlay” applications," he argues, "these are designed to look like legitimate applications, but instead contain trojans developed to steal user data to send to malicious third parties."

According to the BBC, Apple is currently suing Israeli spyware firm NSO Group, accusing it of targeting victims in 150 different countries with its powerful Pegasus spyware, which 'could infect both iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras.'

John Davis, SANS Institute

A step forward for Apple users, but not the time to relax

While Apple’s Lockdown Mode could go a long way towards preventing spyware cyber-attacks for its customers, Davis adds that "end users should remember best practices they learned on other digital platforms and keep up good habits when accessing, storing, and utilising sensitive information on mobile devices".

In addition, Davis suggests that users "should also be reticent to not relax or adjust in-built security settings, as doing so opens up devices to vulnerabilities. Keep your devices current and updated and adhere to the security settings already in place to make for a safer overall experience. If there are red flags, don’t ignore them – valuable information flows on phones every day, so if cybercriminals can access this, then it can potentially spell disaster for individuals or companies.”

The SANS institute

Regarded as one of the most trusted resources for cybersecurity training, certifications and research, the SANS Institute was launched in 1989 as a cooperative for information security thought leadership.

Their mission is to empower cyber security professionals with the practical skills and knowledge they need to make our world a safer place. To aid this effort, they provide high quality training, certifications, scholarship academies, degree programs, cyber ranges, and resources to meet the needs of every cyber professional. 

Share

Featured Articles

Trailblazer - Zendesk CTO, Matthias Goehler

As CTO EMEA at Zendesk, Matthias Goehler uses innovation to tackle future challenges. He shares more on Zendesk’s quest to understand their customers

What makes a great working culture?

In the era of The Great Resignation, what does it take to build a culture that retains staff? And is it simply a case of great ESAT scores?

‘It’s the era of no-code,’ says Smartsheet CEO

Mark Mader, CEO at Smartsheet, spoke to Technology Magazine about the notion of the empowered employee and spreading innovation around the business

Exec Q&A with Steve Neat, GM EMEA, Alation Inc.

Data & Data Analytics

Employees can help prevent phishing attacks, say BlackBerry

Cloud & Cybersecurity

Google Cloud technology to play a part in Women’s EURO Final

Data & Data Analytics