The iCloud Scandal – Who Is To Blame? – ‘Cloud’ Security vs. ‘Internet’ Security

The iCloud Scandal

Busting the myth that bad cloud security was to blame for Apple’s recent celebrity data disaster

Overview: We discuss the ‘celebrity hacking’ iCloud saga and debate whether or not the breach was likely down to Cloud encryption issues or inadequate internet security measures.

Apple’s recent ‘celebrity hacking’ iCloud saga has stirred up several concerns about the safety of data in the Cloud. What if my confidential data was to be leaked in the same way, I hear you ask? And if society’s VIPs are helpless to it, what chance do I have of keeping my information safe? Well, cloud users shouldn’t be overly concerned. The scandal, as with many leaks, was actually more to do with each affected individual’s internet security (or lack thereof). Here’s why this recent drama shouldn’t break our trust with the Cloud.

Accepting responsibility at an individual level

Just because you’re uploading data on your computer to the Cloud, doesn’t mean you don’t still need to make sure your own computer is safe. Hackers can still target your personal or business computers. If, for example, you’ve subsequently uploaded this data to the Cloud, it certainly doesn’t follow that any obtained data was definitively taken there. Virtually all ‘clouds’ are down-to-earth facilities called Data Centres that store and distribute data, the good news is that they are military-grade strength in terms of access and security.

Most of the problems come from device based computer hacks and there are of course products available to protect you from potential invasions when you’re connected to the internet. Safeguarding your system will keep your data better protected. Once you’ve implemented strong security software, all you need to do is follow the same security advice that’s been dished out to users since the dawn of the web: make sure your passwords are extra-long and impossible to guess. In the light of the hacking scandal, Apple also suggested customers sign up for ‘two-step verification’ to add an extra layer of protection to their accounts.

Another theory regarding the leaks is that information may have been disclosed in response to phishing emails. Here, managers or even the celebrities themselves may have accidentally shared their passwords in a socially-engineered attack. If you should notice anything suspicious whatsoever about an email asking you to verify your information, ignore and delete it.

Dispelling the myth that the Cloud is light on security

The Cloud, and cloudware services in general such as software-as-a-service, cloud-based communication applications like Skype and security packages are normally protected by very sophisticated security measures. Given that a growing number of people are signing up for cloud-based services, you should not be concerned that the cloud providers themselves are going to break the confidentiality agreements they have with their customers.

Of course, there is always the very small chance of a breach in security, whatever system you’re using whether it is in the cloud or not. But when a cloud vendor has previously been accused of being at fault in the event of a data hack, it’s often turned out not to be their fault at all.

This is what Apple suggested in their statement following the hacking scandal. The leak was blamed on a ‘very targeted attack on user names, passwords and security questions’. As opposed to it being a fault with cloud security, it was suggested it was perhaps more to do with individual user details and passwords not being sturdy enough.

A timely reminder

Of course, it is unlikely your business would ever be targeted in the same way that mega-famous celebrities are. The iCloud hacking scandal just reinforces the need for all accounts to be sufficiently protected wherever possible to avoid any ‘brute-force’ hacking tactics.

Many, many cloud providers have not yet had to worry about hacks, but high-profile cases like Apple’s immediately cause the public to panic. Apple are certainly not exempt of any blame – as the Wall Street Journal suggests, the scandal was much like a ‘door not having a doorman’ – but in general, iCloud-gate shouldn’t fuel too much worry amongst the public about cloud security. Users just need to remember to investigate their providers’ promises in full, and make sure that the internet security that they can control is absolutely watertight.

By Gary Gould

Robots

How DSPs can Improve Straight Through Processing Rate in RPA Implementations by up to 82%

Robotic Process Automation Digital Service Providers (DSPs) today are well placed to take advantage of next-generation technologies like Robotic Process Automation (RPA), Machine Learning, and Artificial Intelligence. As most of the smart DSPs have already ...
ISC2 Webinar

Key Results from the 2021 Cloud Security Report

2021 Cloud Security Report The 2021 Cloud Security Report, sponsored by (ISC)2, explores current cloud security trends and challenges, how organizations are responding to security threats in the cloud and reveals tools and best practices ...
Peter Tsai

Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Updated: 11.19.2020 What is IaaS? Infrastructure as a Service (IaaS) allows you to rent computing resources from a third party that you then access through the web. You essentially outsource having to set up ...
Signal Messenger: How to Successfully Resist Wiretapping Attempts

Signal Messenger: How to Successfully Resist Wiretapping Attempts

Successfully Resist Wiretapping Attempts Against the backdrop of events in the US, the popularity of the Signal secure messenger has grown sharply - from 6,000 to 26,000 downloads per day. This software uses strong cryptography ...
Gary Bernstein

7 Ways To Ensure That Your Software Can Keep Up With Your Data

Keys To Managing Your Data Data has become a lot more important in our modern society. It is why many people consider data to be the new oil. It is as valuable as oil, and ...
Jeremy Cioara

Demand for Cloud and AI Skills Continues To Increase

Demand for Cloud Skills Increases Thinking about adding more cloud skills to your repertoire? Stop thinking. The time to do it is now. For IT professionals, cloud computing skills are becoming an essential resume item.  ...