Tag: icloud security

iCloud cyber attack in China allegedly caused by government

Apple’s iCloud storage service was attacked in China by hackers attempting to steal sensitive information.

According to a Chinese web monitoring group, Beijing government hackers were behind the cyber attack and the hackers were trying to steal the credentials of Apple users.

The hackers used an MITM attack.

The hackers employed the “man-in-the-middle” (MITM) attack, which enabled them to interpose their own website between Apple’s iCloud server and users. They intercepted data, which could potentially have given them access to private user information, such as passwords, photos, iMessages, contacts, etc.

When asked about allegations that the Beijing government was attempting to spy on Apple customers, an Apple representative declined comment. However, the representative did note that the company’s technical support page had been updated and provided users with advice on how to protect themselves against cyber attacks. A statement on the page said: “We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously.”

The electronics giant instructs its users to watch for warnings when visiting www.icloud.com and to never enter their iCloud password in the event they receive a warning regarding invalid digital certificates. Furthermore, the company explains methods that users can employ to make certain they are connected to Apple’s genuine site when using different web browsers.

Hua Chunying, a Chinese Foreign Ministry spokesperson was asked about the incident and said that Beijing was opposed to hacking.

The cyber attack occurred only weeks after Apple announced where it would be storing iCloud data for Chinese users.

Cyber AttackGreatfire.org, a website that conducts research on Chinese internet censorship, suspected government involvement in the cyber attack. Greatfire noted that it was similar to previous attacks on Microsoft Corp’s Hotmail, Yahoo Inc., and Google Inc. According to Greatfire, the attack took place several weeks after Apple said that it would use China Telecom servers to store iCloud data for Chinese users. In addition, it also occurred during the same time the iPhone 6 began selling in China.

Greatfire also said that it was highly probable that the attack was staged with the knowledge of internet providers, such as China Telecom, since it seems to have initiated from “deep within the Chinese domestic internet backbone”. However, a spokesperson from China Telecom said that “The accusation is untrue and unfounded.”

Reuters contacted two independent security experts and both said that Greatfire’s report about the cyber attacks looked credible. Chief research officer at F-Secure, Mikko Hypponen, said that “All the evidence I’ve seen would support that this is a real attack.”

Mobile security underscored by BlackBerry following celebrity photo hack

The company has used this opportunity to flaunt its strong reputation for keeping data and files safe.

BlackBerry Ltd. has taken the opportunity presented by the nude celebrity photo hacking controversy to remind people about the outstanding reputation that the company has in terms of mobile security.

As concerns have risen following the theft of highly personal celeb photos from the iCloud, Blackberry saw its chance.

The Canadian handset maker used its own official blog in order to pump its mobile security and to make recommendations for users to follow so that they can help to protect themselves against similar risks. The company used its most recent post to point out a range of different reports that have supported its claims for providing high quality security. These reports came from companies that included everyone from CNN and Time Warner Cable to CNBC and Fox News.

The blog post from BlackBerry provided steps for device users to take to boost their mobile security.

Blackberry - Mobile SecurityThey explained that “As the iCloud hacking story continues to unfold, experts are finding it hard to talk about strong mobile security without bringing the corporate embodiment of it into the discussion.” A previous post provided readers with “five concrete steps for better mobile security.”

At the same time that this company was using the photo hacking scandal as a chance to place itself in a positive light, Apple has been working hard on damage control. Recently Tim Cook revealed that the company already had plans to implement a new security system that will add an additional layer of protection as it will provide users with a notification if any attempts have been made to change their account passwords or to download data to a new device from the iCloud.

Apple has also taken this time to point out that the hackers were able to obtain access to the content because they either guessed the mobile security question to reset the password or they sent phishing emails to which the celebrities fell victim and revealed their login details. The company has stated that this was not a case of the iCloud being compromised.