In recent weeks it seems like Apple (News - Alert)'s iCloud has been under constant siege, with hackers trying to steal everything from banking account information and finances to lewd pictures of famous celebrities. Most recently, Chinese authorities have begun exploiting vulnerabilities in iCloud with a man-in-the-middle attack, which could compromise user account login information and allow for future unwanted access.
According to censorship watchdog GreatFire.org, “This episode should provide a clear warning signal to foreign companies that work with the Chinese authorities on their censorship agenda.” Man-in-the-Middle attacks are not uncommon to the iCloud, and work by intercepting communications as they are made. Because the data is only observed in transit and not directly accessed, neither party is aware of the situation or able to stop the hackers from making a copy of the information. By gaining access to username and password information, Chinese authorities could even track back and see what that user has been viewing in the past.
GreatFire is comprised of a group of anonymous staff members living and working in China, who claim that the attack could have been large-scale enough to collect customer data throughout the entire nation. The group claims that the censorship authorities accessed data from iMessages as well as photo and contact apps from Apple, and further warns that the government has made similar attacks against Github, Google (News - Alert), Yahoo and even Microsoft.
On Friday, the iPhone 6 and the 6 Plus variant will be released for sale in China, where popular demand is expected to reach even higher than the record-breaking United States sales figures on the release weekend. If the Chinese government can access data on all of these phones, there could be a serious breach of privacy within the country, as well as among trade partners.
Edited by Maurice Nagle
View all articles