Bill Gray
0
All posts from Bill Gray
Bill Gray in Bill Gray,

Apple's iCloud network under attack

Apple says it is aware of "intermittent organized network attacks" that attempt to get users' information when they try to sign in to iCloud.

The attacks don't compromise iCloud servers, but they could allow the attackers to steal users' login credentials.

ICloud is a storage service offered by Apple that allows users to keep their music, photos and files "in the cloud." Their information is stored on Internet-connected servers that the user can access through their phone, tablet or computer, without having to store it directly on a hard drive.

The attack comes when a user attempts to log in to their account on iCloud. The system is protected by digital certificates that certify their connection is secure and being protected by an encrypted connection.

However, in some cases users are instead getting a message that their browser cannot verify the identity of the website.

If the user still attempts to sign in, their iCloud login ID and password could be harvested by the attackers.

Apple posted on its website specific examples of what users should look for on all major browsers – Safari, Chrome and Firefox – to ensure that their connection is safe.

Cloud-based storage, especially photo storage, has been in the news since nude photos of celebrities such as Jennifer Lawrence and Kate Upton were stolen from hacked online accounts last month.

The attempt at collecting user information was first reported by Greatfire.org, a group that tracks Chinese internet censorship.

The attack is what's known as a man-in-the-middle attack, where the attacker puts a fake website between the user and the real website they were aiming for. The messages still go back and forth between the user and the site, but through the man in the middle, who can siphon off information at leisure.

GreatFire.org, a non-profit, noted that the attacks coincided with the launch of the iPhone 6 in China.

Source: http://www.usatoday.com/