VPN Articles and News

Apple’s iCloud Under Severe Attack in China

By
Tuesday, November 4th, 2014


Coinciding with the launch of iPhone 6 in the country, Apple’s users in China were hit by an unprecedented security attack in late October. According to security experts, the attack targeted Apple’s iCloud service and allowed hackers to steal usernames and passwords and view confidential photos and emails. The attack methodology was very similar to the recent Man In The Middle (MITM) attacks that targeted users of Google, Microsoft Live and Yahoo in China so experts were quick to blame the Chinese authorities for the security breach. However, Beijing denied any involvement in the attack and claimed that China opposes cyber attacks in all forms.

Reports of the security breach started doing the rounds when Chinese users started seeing security warnings while trying to access iCloud’s website. Browsers like Firefox, Safari and Chrome usually flash a security warning whenever they are unable to validate security certificates and verify the authenticity of the target website. This led many users to believe that they are being redirected to a clone of the iCloud website without their knowledge. The interesting thing is that Qihoo, the most popular browser in China, did not flash any kind of security warning. This raised suspicions that hackers were backed by the Chinese government and are using a fake website to collect iCloud users’ credentials. The scale of the breach also led many experts to believe that the attack initiated within the Chinese internet backbone and could not have been perpetrated without the active co-operation of Chinese ISPs.

Apple, on its part, confirmed the attack but denied that it compromised iCloud’s security. Since the attack targeted just one IP address of iCloud website, the company disabled that IP and started routing Chinese users to alternate IP addresses of the site. The attack was serious enough for Tim Cook to travel to China and discuss the issue of users’ information security with the Chinese Vice Premier.

It is a common knowledge that the launch of iPhone 6 was delayed by over a month in China due to security issues raised by the authorities. Since Apple has recently introduced several new security features including user controlled encryption in its latest iPhone, it is indeed possible that the attack was initiated by the Chinese authorities to maintain their surveillance supremacy. It is also possible that the attacks were intended to steal data from Apple’s iCloud servers located in China though there is no evidence that supports this theory. It may be recalled that the company moved the data of Chinese iCloud users to servers located within the country in August to facilitate faster access to the service.

Apple has also issued guidelines on how to deal with such MITM attacks. The company advised users not to sign into their iCloud account if they receive untrusted connection warning from their browser. In addition, security experts have advised users to sign up for iCloud’s 2-step verification security as soon as possible. This would ensure that hackers would not be to access personal information of iCloud users even if they have their usernames and passwords since they would be unable to supply the second authentication code needed to sign into the service.


November 4, 2014
Comments

Leave a Reply

Your email address will not be published. Required fields are marked *


0 + 9 =