It would have been hard not to notice all the publicity surrounding the recent iCloud hack that resulted in a number of high profile celebrities having some pretty personal photos stolen from their accounts and distributed all over the internet. While this provided plenty of fodder for the gossip websites it was also something of a PR disaster for Apple in terms of iCloud security expectations. Although claiming that the security breach had nothing to do with a fault in Apple’s systems but the hackers’ ability to guess at security questions and obtain passwords, the company nevertheless felt the need to upgrade some of its security measures.
Back in September, Apple boss Tim Cook told the Wall Street Times about steps being taken to provide additional security. For example, if another person attempts to perform an action such as changing an account password or restoring iCloud data to another device then the owner of the account will receive a push notification. Currently, an email is sent to warn of this activity but the push notification would enable a faster response. Apple is also pushing the importance of two factor authentication, which is more secure than a password login. Since last month, Apple requires users to create app specific passwords for third-party apps that use iCloud data, which is designed to make that data more secure. However, for many people this has simply produced a situation in which apps that previously functioned are now demanding an iCloud password that doesn’t work, with the result that many people are simply turning off two step authentication.
As is often the case, many of us simply don’t take this kind of security seriously until something happens directly to us. However, this is no time to be lax when it comes to cloud security as, unfortunately, it would seem that the attacks on iCloud users are far from over. Apple recently confirmed that iCloud users in China were being diverted to unauthorised websites when trying to sign in to their accounts online. The issue didn’t affect sign in on iOS devices or Macs running the new OS X Yosemite using Safari but other routes could be open to security breach. The hacking attack just happened to coincide with Apple launching the new iPhone 6 models in the country
One thing these attacks have confirmed is that it doesn’t matter who you are or where you are, you can still be a target. The time has definitely come to start taking network security seriously.
ITC are a network and security integrator providing businesses with assured IT. We design, build, optimise and manage your Network & Security infrastructures, enhancing network performance, safeguarding information and simplifying management. Get in touch for more information on our services.