Last year, NSO Group made headlines (and got themselves a nice lawsuit from Apple) when its Pegasus spyware was found to be maliciously tracking executives, government officials, journalists, and human rights activists via their iPhones. The spyware compromised the features people use most—hackers could access messages, intercept calls, access the camera, and use the phone as a remote listening device.  

The spyware exploited a zero-day, zero-click flaw in Apple’s iOS and was virtually invisible. Zero-day vulnerabilities are security holes a software company hasn’t discovered yet. In this case, hackers exploited a flaw in iOS (zero-day) and sent a text or link to the victim to install the spyware. The twist was that Pegasus spyware allowed hackers to bypass the need for a victim to click a link or download an attachment (zero-click). Installation was done remotely, and no one was the wiser. 

Apple took this threat seriously and isn’t waiting around to see what’s next. They’re rolling out Lockdown Mode—optional but extreme protection included in the iOS 16 release this fall—and you and your C-Suite should pay attention. 

2023 hedge fund managed it trends report

Trade Offs: Protection vs. Usability 

Lockdown Mode is a step toward shoring up your device security by hardening defenses against targeted state-sponsored attacks. Basically, it’s a kill switch. 

However, when you implement Lockdown Mode, friction is part of the package. It severely restricts access to the most-used features on your device. You’re trading ease of use for sophisticated protection you can’t get anywhere else.  

When Lockdown Mode is engaged, here’s what you can expect: 

  • Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled. 
  • Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode. 
  • Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request. 
  • Shared Albums: Shared albums will be removed from the Photos app, and new Shared albums invitations will be blocked. 
  • Wired connections with a computer or accessory are blocked when iPhone is locked. 
  • Configuration profiles cannot be installed, and the device cannot enroll into mobile device management while Lockdown Mode is turned on. 

Does Lockdown Mode Benefit Everyone? 

Admittedly, Lockdown Mode isn’t for the masses. It’s for cybercriminal targets like high-net-worth individuals and your C-Suite—the cash cows of an industry. And while attacks are rare and targeted at a small cohort of users, they are sophisticated, and the consequences to your organization can be grave.  

Spyware like NSO’s Pegasus lets hackers gain access to sensitive information they couldn’t get from regular phishing or spear phishing. These guys are looking for whales—specific senior executives and influential people in an industry with access to your most sensitive client data—and a much bigger payday. 

Statistically, it’s unlikely for most people to be threatened by mercenary spyware like NSO’s Pegasus. And yet, Lockdown Mode could benefit those of us who will never use it simply by bringing attention to the problem. 

The more people aware of security measures available to them (and the trade-offs they entail), the better. For your C-Suite, though, this new feature will be essential. And if you haven’t factored it into your C-Suite cyber risk management program, you should be doing that now. 

What to Do Until Lockdown Mode Is Here 

Lockdown Mode doesn’t roll out until this fall with iOS 16. How can you protect your C-Suite until then?  

We believe in brilliance in the basics. That means getting back to the fundamentals of blocking and tackling as the first step in mitigating risk and shoring up your cybersecurity.  


Brilliance in the Basics infographic


In addition to these basics, preventative measures like implementing a detection and response program give you an in-depth defense to secure your data. Agio uses dynamic machine learning to identify, monitor, and mitigate threats.  

Want more? Check out and share our Cybersecurity Best Practices to ensure your executives and employees protect themselves.   

Protect Your C-Suite 

Apple’s Lockdown Mode is a robust defense against sophisticated state-sponsored attacks. It shrinks the attack surface and hardens defenses for individuals with a higher-than-normal risk of being targeted by mercenary spyware.  

Knowing the threats and safeguards available are key to protecting your most important players. But it’s worthwhile to share this information firm-wide and ensure everyone is aware of and keeping up with best practices. 

Want to lower your cyber risk and safeguard your company? Contact us. We’re here to help.  

If you’re looking for more ways to stay safe with #BrillianceInTheBasics, check out this article from Agio’s CEO and Founder, Bart McDonough: How Hackers Target Investors and How to Stay Safe

See also  Not Bundling XDR & Managed IT, Leaves Room for Vulnerabilities