infosec

The iCloud Scandal – Who Is To Blame? – ‘Cloud’ Security vs. ‘Internet’ Security

How the iCloud Scandal Has Helped to Define the Difference Between ‘Cloud’ Security and ‘Internet’ Security

Busting the myth that bad cloud security was to blame for Apple’s recent celebrity data disaster

Overview: We discuss the ‘celebrity hacking’ iCloud saga and debate whether or not the breach was likely down to Cloud encryption issues or inadequate internet security measures.

Apple’s recent ‘celebrity hacking’ iCloud saga has stirred up several concerns about the safety of data in the Cloud. What if my confidential data was to be leaked in the same way, I hear you ask? And if society’s VIPs are helpless to it, what chance do I have of keeping my information safe? Well, cloud users shouldn’t be overly concerned. The scandal, as with many leaks, was actually more to do with each affected individual’s internet security (or lack thereof). Here’s why this recent drama shouldn’t break our trust with the Cloud.

security-network

Accepting responsibility at an individual level

Just because you’re uploading data on your computer to the Cloud, doesn't mean you don’t still need to make sure your own computer is safe. Hackers can still target your personal or business computers. If, for example, you’ve subsequently uploaded this data to the Cloud, it certainly doesn’t follow that any obtained data was definitively taken there. Virtually all ‘clouds’ are down-to-earth facilities called Data Centres that store and distribute data, the good news is that they are military-grade strength in terms of access and security.

Most of the problems come from device based computer hacks and there are of course products available to protect you from potential invasions when you’re connected to the internet. Safeguarding your system will keep your data better protected. Once you’ve implemented strong security software, all you need to do is follow the same security advice that’s been dished out to users since the dawn of the web: make sure your passwords are extra-long and impossible to guess. In the light of the hacking scandal, Apple also suggested customers sign up for ‘two-step verification’ to add an extra layer of protection to their accounts.

Another theory regarding the leaks is that information may have been disclosed in response to phishing emails. Here, managers or even the celebrities themselves may have accidentally shared their passwords in a socially-engineered attack. If you should notice anything suspicious whatsoever about an email asking you to verify your information, ignore and delete it.

Dispelling the myth that the Cloud is light on security

The Cloud, and cloudware services in general such as software-as-a-service, cloud-based communication applications like Skype and security packages are normally protected by very sophisticated security measures. Given that a growing number of people are signing up for cloud-based services, you should not be concerned that the cloud providers themselves are going to break the confidentiality agreements they have with their customers.

Of course, there is always the very small chance of a breach in security, whatever system you’re using whether it is in the cloud or not. But when a cloud vendor has previously been accused of being at fault in the event of a data hack, it’s often turned out not to be their fault at all.

This is what Apple suggested in their statement following the hacking scandal. The leak was blamed on a ‘very targeted attack on user names, passwords and security questions’. As opposed to it being a fault with cloud security, it was suggested it was perhaps more to do with individual user details and passwords not being sturdy enough.

A timely reminder

time

Of course, it is unlikely your business would ever be targeted in the same way that mega-famous celebrities are. The iCloud hacking scandal just reinforces the need for all accounts to be sufficiently protected wherever possible to avoid any ‘brute-force’ hacking tactics.

Many, many cloud providers have not yet had to worry about hacks, but high-profile cases like Apple’s immediately cause the public to panic. Apple are certainly not exempt of any blame – as the Wall Street Journal suggests, the scandal was much like a ‘door not having a doorman’ – but in general, iCloud-gate shouldn’t fuel too much worry amongst the public about cloud security. Users just need to remember to investigate their providers’ promises in full, and make sure that the internet security that they can control is absolutely watertight.

By Gary Gould

Gary Gould

Gary is the co-founder of the first independent cloudware comparison website. With decades of experience in the technology industry, Gary is well-placed to discuss the pros and cons of the latest cloud-based applications to hit the market. Compare, choose your favourites, and buy the cloud-based tool that works best for your business with CompareCloudware.com.

View Website

CONTRIBUTORS

Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Multi-Instance vs. Multi-Tenant Architecture  The cloud is part of everything we do. It’s always there backing up our data, pictures, ...
Scale Matters in the Enterprise Cloud

Scale Matters in the Enterprise Cloud

The Enterprise Cloud What used to be an unknown and mysterious term, “the cloud” is now a common and mostly ...
The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the ...
The Good, Bad, and Downright Ugly Takeaways from WikiLeaks’ Vault 7

The Good, Bad, and Downright Ugly Takeaways from WikiLeaks’ Vault 7

WikiLeaks’ Vault 7 If you haven’t heard of the Vault 7 WikiLeaks data dump, you’ve probably been living under a ...
Safeguarding Data Before Disaster Strikes

Safeguarding Data Before Disaster Strikes

Safeguarding Data  Online data backup is one of the best methods for businesses of all sizes to replicate their data ...
Bryan Doerr

Cyber-Threats and the Need for Secure Industrial Control Systems

Secure Industrial Control Systems (ICS) Industrial Control Systems (ICS) tend to be “out of sight, out of mind.” These systems ...
AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility Earlier this week, AWS S3 had to fight its way back to ...
Cyber Security Tips For Digital Collaboration

Cyber Security Tips For Digital Collaboration

Cyber Security Tips October is National Cyber Security Awareness Month – a joint effort by the Department of Homeland Security ...
Principles of an Effective Cybersecurity Strategy

Principles of an Effective Cybersecurity Strategy

Effective Cybersecurity Strategy A number of trends contribute to today’s reality in which businesses can no longer treat cybersecurity as ...
Imminent IoT Eye-Tracking Technologies To Transform The Connected World

Imminent IoT Eye-Tracking Technologies To Transform The Connected World

IoT Eye Tracking Smelling may be the first of the perceptible senses, but the eye is the fastest moving organ ...

NEWS

email as a service

Google Data Analysis, Artificial Intelligence and Predicting Vaccine Scares

Social media trends can predict tipping points in vaccine scares Analyzing trends on Twitter and Google can help predict vaccine ...
Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

NEW YORK, Dec. 12, 2017 /PRNewswire/ -- Deloitte forecasts double digital growth in machine learning deployments for the enterprise, an increasing worldwide ...
Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system (Reuters) - Hackers likely working for a nation-state recently penetrated the safety system of ...