US cybersecurity agency CISA is urging senior US politicians and high-ranking officials to lock down their mobile devices following the ongoing Chinese-backed data breaches at at least eight major telecom providers.
The CISA issued an advisory on Wednesday, warning “highly-targeted officials,” including those in government, to enable advanced security features, such as Apple’s Lockdown Mode, to limit their smartphone’s overall attack surface.
Officials are also being urged to switch to end-to-end encrypted messaging apps, like Signal. This advice comes shortly after the U.S. government urged Americans to also use encrypted messaging apps to help avoid having their text communications be monitored.
The agency also recommends using phishing-resistant multi-factor authentication, alongside telecom-level account PINs, to protect against SIM-swapping attacks.
“Encryption is your friend — it makes your data unreadable, even if the adversary were to compromise it,” CISA executive assistant director Jeff Greene said on a call with reporters on Wednesday.
Apple’s Lockdown Mode
Lockdown Mode on the iPhone, iPad, and Mac offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware. Turning on Lockdown Mode further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.
While Lockdown Mode is turned off by default, it can be enabled in the Privacy & Security section of the Settings or System Settings app. After being turned on, Lockdown Mode can be turned off at any time in the same section of the Settings app. Enabling or disabling Lockdown Mode requires restarting the device and entering the device’s passcode.
At launch, Lockdown Mode includes the following protections:
- Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
- Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
- Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
- Wired connections with a computer or accessory are blocked when iPhone is locked.
- Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.
