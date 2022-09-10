APPLE has recently announced a new feature, Lockdown Mode, which secures iOS users who might be personally targeted by sophisticated cyber threats.

Lockdown Mode dramatically reduces mobile devices’ attack surface to prevent cyber threats from reaching the user.

This initiative validates what has been known for a long time, mobile devices are inherently exposed to cyber threats.

The importance of mobile security

The development and release of Apple’s new Lockdown Mode feature stresses the importance of mobile security.

Moreover, Apple is not alone; Samsung is also working to enhance the safety of its Galaxy gadgets and recently announced a cooperation with Google and Microsoft to bolster mobile security.

This comes as no surprise to those who manage mobile devices on a daily base.

Using mobile devices for personal and work purposes can expose users to social engineering methods. This has not gone unnoticed by cybercriminals.

Over the past year, researchers at Check Point have observed threat actors’ increased focus on mobile devices.

They leverage social networks and messaging apps to carry out single or even zero-click attacks.

In addition, the vast array and automation of attack tools have enabled attackers to launch large-scale campaigns that are more complex with relative ease.

Apple’s Lockdown mode also addresses files as the main threat vector.

Malicious files have been used in a variety of attacks, including state-level attacks, but they are one of the most overlooked vectors in mobile security.

Malicious PDF, GIF images, and Excel sheets can facilitate cyberattacks, yet most mobile security solutions do not regard them as a major risk.

What is Lockdown Mode and how does it work?

Apple’s Lockdown mode is expected to be available in the fall on iOS 16, iPadOS 16 and macOS Ventura.

Its target is to dramatically reduce mobile devices’ available attack surface by blocking or disabling files and access.

While in lockdown mode:

Most message attachments are blocked – Apple recognised files as an emerging attack vector on mobile devices. In lockdown mode, the download of most message attachment types (other than images) is completely blocked. Other features, like link previews, are also disabled.

Complex web technologies are disabled. Certain complex web technologies, such as just-in-time JavaScript compilation, are disabled while in lockdown mode.

Incoming invitations and service requests are blocked – Apple blocks incoming invitations and service requests, including FaceTime calls, from unknown sources.

Wired connections with a computer or an accessory are blocked – when iPhone is locked it will not support wired connections.

Configuration profiles cannot be installed – MDM/UEM integration is blocked

Some capabilities might change by the anticipated release date, but it is evident these protections will create more secure Apple devices.

Check Point Harmony Mobile, a market-leading Mobile Threat Defense (MTD) solution, offers a complementary solution that can enhance the security provided by Apple’s Lockdown Mode and create enhanced protection for high-risk users.

Check Point Harmony Mobile enhances security for high-risk users

While Check Point and Apple both agree on the importance of mobile security, their protection approach is different.

The new Lockdown Mode is a solution to a very specific state-level attack problem.

It covers a severe set of attack scenarios, but does not address common attacks such as phishing, botnets or man-in-the-middle.

Even attacks that target high-profile users, such as spear phishing and whaling, are not among the scenarios covered by the Lockdown Mode.

Check Point Harmony Mobile is an MTD solution that protects both iOS and Android devices across all attack vectors: files, networks, applications and OSs.

It provides protection against zero-day phishing attacks, blocks malicious file downloads, detects malicious iOS profiles and provides malware protections, safe DNS, and more.

It allows security admins to monitor device security posture and can be integrated with any UEM and MDM solutions.

High-risk iOS users should combine both security measures to provide wide protection for their devices and organisation. But what about non-critical users?

Check Point Harmony Mobile for non-critical users

While turning on Lockdown Mode will undoubtedly provide greater security, it will also limit device usability.

Lockdown Mode disables some rudimentary features on the mobile device.

The user won’t be able to receive FaceTime calls from an unknown number, download a file attached to a message and some web features might not work.

Lockdown Mode might also present a challenge to the organisation, as admins cannot install MDM or UEM on a device in lockdown mode.

If a user is targeted by state-level, highly sophisticated digital threats, such as mercenary spyware, these limitations are a price worth paying for a more secure mobile device. However, a majority of users are not included in these scenarios.

For them, Check Point Harmony Mobile enables the full use of iOS devices, including browsing the internet, sending and receiving files, complete FaceTime functionality and more, without compromising their security.

This allows users to stay connected and keep productivity and functionality while protecting you, your device and your organisation.

A great example of this approach is Harmony Mobile File Protection capability.

Like Apple, Check Point recognised that files are an emerging attack vector on mobile devices.

For this reason, Check Point Harmony Mobile recently released a new file protection capability that protects the device from malicious files.

Check Point Harmony Mobile File Download Prevention scans downloaded files for malicious intent.

Once found, the download is completely blocked and the malicious file never reaches the device.

For Android devices, storage scanning is available to protect against downloaded files.

This ensures the mobile device stays threat-free without affecting user productivity.

Check Point Harmony Mobile uses ThreatCloud, the intelligence tool with the best catch rate in the industry for scanning those files.

ThreatCloud combines the latest AI technology with big data threat intelligence, as well as threat intelligence collected and analysed by Check Point’s elite research team to block files, malicious web content and more.

Check Point Harmony Mobile is the first mobile threat solution among the industry’s top leading vendors to prevent the download of malicious files to mobile devices

What should you do to protect your mobile device

High-risk users should consider using both Lockdown Mode and the Check Point Harmony Mobile solution to cover all possible attack vectors.

For the majority of users, Check Point Harmony Mobile provides the ultimate balance of complete protection and zero impact on productivity.

