Tag: Apple security

iCloud cyber attack in China allegedly caused by government

Apple’s iCloud storage service was attacked in China by hackers attempting to steal sensitive information.

According to a Chinese web monitoring group, Beijing government hackers were behind the cyber attack and the hackers were trying to steal the credentials of Apple users.

The hackers used an MITM attack.

The hackers employed the “man-in-the-middle” (MITM) attack, which enabled them to interpose their own website between Apple’s iCloud server and users. They intercepted data, which could potentially have given them access to private user information, such as passwords, photos, iMessages, contacts, etc.

When asked about allegations that the Beijing government was attempting to spy on Apple customers, an Apple representative declined comment. However, the representative did note that the company’s technical support page had been updated and provided users with advice on how to protect themselves against cyber attacks. A statement on the page said: “We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously.”

The electronics giant instructs its users to watch for warnings when visiting www.icloud.com and to never enter their iCloud password in the event they receive a warning regarding invalid digital certificates. Furthermore, the company explains methods that users can employ to make certain they are connected to Apple’s genuine site when using different web browsers.

Hua Chunying, a Chinese Foreign Ministry spokesperson was asked about the incident and said that Beijing was opposed to hacking.

The cyber attack occurred only weeks after Apple announced where it would be storing iCloud data for Chinese users.

Cyber AttackGreatfire.org, a website that conducts research on Chinese internet censorship, suspected government involvement in the cyber attack. Greatfire noted that it was similar to previous attacks on Microsoft Corp’s Hotmail, Yahoo Inc., and Google Inc. According to Greatfire, the attack took place several weeks after Apple said that it would use China Telecom servers to store iCloud data for Chinese users. In addition, it also occurred during the same time the iPhone 6 began selling in China.

Greatfire also said that it was highly probable that the attack was staged with the knowledge of internet providers, such as China Telecom, since it seems to have initiated from “deep within the Chinese domestic internet backbone”. However, a spokesperson from China Telecom said that “The accusation is untrue and unfounded.”

Reuters contacted two independent security experts and both said that Greatfire’s report about the cyber attacks looked credible. Chief research officer at F-Secure, Mikko Hypponen, said that “All the evidence I’ve seen would support that this is a real attack.”

Mobile security report shows equal vulnerability between Android and Apple

Marble Security has released its June threat report and found that the chances of attack are the same.

The latest mobile security report from Marble has revealed that the odds of experiencing a malicious software attack on either an iOS or Android based smartphone are equally high.

This goes against previous research that has indicated that iOS provides greater safety as a platform.

This mobile security data could come as quite a surprise to iPhone or iPad owners who had been under the impression that they were safe from the risk of malicious software and malware. The Marble research found that these two types of device have an equal vulnerability from those types of attack.

This mobile security research result jars with the long held belief that Apple devices are safer.

In the case of computers, Apple machines traditionally had a much lower instance of spam, malware, and other types of harmful software than PCs. That same feeling has migrated into the mobile sphere as smartphones have achieved greater penetration. However, the research from the Marble Labs analysis has shown that they aren’t any more or less safe than their Android counterparts.Mobile Security Problems

The study looked into the top 14 forms of smartphone security threats. In them, both platforms proved to be equally risky – and the risk wasn’t low. At the same time, the balance of the exposures were different between the two platforms. Though they are equally at risk of threats, the threats for each type of platform are not the same.

The firm also conducted an analysis of 1.2 million Android and iOS apps and published the results in its report. What it found was that news and gaming applications in iOS are the top security risks among any form of category for iPhones and iPads.

According to David Jevans, the CTO and founder of Marble Security, it is important for enterprise security managers to understand the mobile security threat over Apple devices. He pointed out that the electronics giant’s “vaunted iOS mobile security reputation hinges on its app distribution control, not on any inherent superiority of its operating system.”