Tag: cyber attack

Apple’s iCloud storage service was attacked in China by hackers attempting to steal sensitive information.

According to a Chinese web monitoring group, Beijing government hackers were behind the cyber attack and the hackers were trying to steal the credentials of Apple users.

The hackers used an MITM attack.

The hackers employed the “man-in-the-middle” (MITM) attack, which enabled them to interpose their own website between Apple’s iCloud server and users. They intercepted data, which could potentially have given them access to private user information, such as passwords, photos, iMessages, contacts, etc.

When asked about allegations that the Beijing government was attempting to spy on Apple customers, an Apple representative declined comment. However, the representative did note that the company’s technical support page had been updated and provided users with advice on how to protect themselves against cyber attacks. A statement on the page said: “We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously.”

The electronics giant instructs its users to watch for warnings when visiting www.icloud.com and to never enter their iCloud password in the event they receive a warning regarding invalid digital certificates. Furthermore, the company explains methods that users can employ to make certain they are connected to Apple’s genuine site when using different web browsers.

Hua Chunying, a Chinese Foreign Ministry spokesperson was asked about the incident and said that Beijing was opposed to hacking.

The cyber attack occurred only weeks after Apple announced where it would be storing iCloud data for Chinese users.

Greatfire.org, a website that conducts research on Chinese internet censorship, suspected government involvement in the cyber attack. Greatfire noted that it was similar to previous attacks on Microsoft Corp’s Hotmail, Yahoo Inc., and Google Inc. According to Greatfire, the attack took place several weeks after Apple said that it would use China Telecom servers to store iCloud data for Chinese users. In addition, it also occurred during the same time the iPhone 6 began selling in China.

Greatfire also said that it was highly probable that the attack was staged with the knowledge of internet providers, such as China Telecom, since it seems to have initiated from “deep within the Chinese domestic internet backbone”. However, a spokesperson from China Telecom said that “The accusation is untrue and unfounded.”

Reuters contacted two independent security experts and both said that Greatfire’s report about the cyber attacks looked credible. Chief research officer at F-Secure, Mikko Hypponen, said that “All the evidence I’ve seen would support that this is a real attack.”

As the number of smartwatch and smartband wearers grows, the amount of data tracking increases, too.

According to the results of a recent mobile security study that have just been published, the users of wearable tech devices can become the victims of cyber attacks, personal data breaches, or simply basic tracking by an individual with a low budget and a small amount of knowledge on the subject.

In fact, the study showed that all that is required is about $70 worth of hardware to track a wearable tech user.

The study was conducted by Symantec, the online and mobile security giant. Its researchers came up with a very simple design that brought a Bluetooth radio module together with a Raspberry Pi computer that was capable of scanning the area for the signals of wearable technology. The device was brought to various parks and sporting events where the researchers were then capable of recording the data that was being broadcasted by devices that were nearby.

The mobile security “attack” went completely undetected by the device users because no attempt was made to connect.

The device made by the researchers never attempted to make a connection with the specific wearables that were being tracked. This was not required because the data was collectable due to the sheer simplicity of the wearable tech, which communicates with more complex devices – such as smartphones, tablets, and laptops – in order to make its information usable to the wearer.

The researchers brought the detection devices to public places in Ireland and Switzerland. They found that among all the types of mobile devices that are carried by people in these types of location, it was wearables that were particularly easy to track. According to the team, in a blog post that they made on the subject, “All the devices we encountered can be easily tracked using the unique hardware address they transmit.”

Among the types of mobile security vulnerability that were found in these devices, the researchers were also capable of remotely probing the gadgets to reveal identifying information or serial numbers. That said, they felt that this type of information would be considered to be “trivial” by people who have computer knowledge and who would be capable of actually accessing this data.