Everyone who uses iCloud is vulnerable to the sort of hacking incident that led to images of a naked Jennifer Lawrence being distributed on the internet over the weekend, tech experts have warned.
Hollywood’s biggest stars were targeted in a massive iCloud hacking incident, with an unidentified hacker unearthing explicit photos of A-list celebrities like Jennifer Lawrence, Kate Upton and Kirsten Dunst and posted them to an online forum.
A spokesperson for Lawrence called the incident a “flagrant violation of privacy”.
According to Chris Gatford, security consultant and director of HackLabs, everyday users of iCloud should be concerned that their own iCloud data is at risk.
“People explore these services to find technical flaws all the time,” Mr Gatford says. “Often, they’re reported responsibly. However, you do get some people who take advantage of the flaw and do something malicious.”
In this case, because celebrities are involved and the hacker was asking for monetary compensation, the breach may have been targeted and reasonably elabroate.
One of the victims, actress Mary Elizabeth Winstead, lashed out at the hacker for investing so much time in the violation.
“Knowing those photos were deleted long ago, I can only imagine the creepy effort that went into this,” Winstead wrote on Twitter.
But accessing someone’s private information isn’t always rocket science.
“Some attacks are extremely simple,” Mr Gatford says, “It could just be a matter of password reconfiguration. It’s not hard to figure out that Kate Upton’s password could be ‘Upton’.”
Risqué photos being made public isn’t the only concern.
According to Mr Gatford, hackers could take their intrusion further depending on your privacy settings.
“When you take a photo on your phone, you might also be capturing the location information. That could aid someone who wanted to take it further and do some stalking,” Mr Gatford says.
What is the iCloud? Do I have it?
If you feel intimidated and confused by the cloud, you’re not alone.
“There are a lot of things happening between your smart device and the cloud that people don’t even know about,” Stephen Wilson, principal analyst at Constellation Research, says.
“The sad thing is you often get bundled consent. You press ‘OK’ once and then it’s there for all time.”
In a nutshell, the iCloud is a system for backing up the content on your Apple device. It’s similar to using a hard drive, but the data is essentially being uploaded to the Internet so it can be accessed anywhere.
Uploading photos, documents or other data to the iCloud is like locking all of your jewelry in a safe and then putting the safe on the street. Your stuff is still protected, but there’s every chance someone could come along and find a way to break in.
As a rule, the iCloud is offered as the default service for all Apple products. If you’re not sure whether you are using it, head to www.icloud.com and type in your Apple ID and password. Whatever appears on the site is what you have loaded onto the iCloud.
How can I protect myself?
“At this stage there’s nothing the consumer can do to make themselves more protected,” Mr Wilson says.
Instead, focus on being cloud-literate and knowing exactly what you’re uploading from step one. Here’s how:
Check your device settings
On your iPhone, iPad or other device, you will be able to see what content is being uploaded to the cloud. If you’re not comfortable, you can simply turn the permission off.
Choose a hard drive
“If you’re frightened of having someone steal your home porn then definitely don’t put it in the cloud,” Mr Wilson says.
“Organize your photo albums so if there’s anything personal it’s in a separate album that you can back up to a hard drive.”
Medical documents, banking history or personal information should all be put onto a physical hard drive if you’re concerned about privacy.
Turn off location services
In your device settings you can also disable location services for certain apps. This will decrease the likelihood of your activity being geographically tracked.
Never use the same password
“Always change different passwords for each service you use,” Mr Gatford says.
“Make them memorable but reasonably complex by using an additional symbol between words.”
Always log out
If you’re on a public computer or borrowing a friends device, ensure you log out of all accounts as some devices automatically save log-in details.
For hackers, this facilitates their efforts by providing direct access to your personal information.
“If you’re sitting at a machine that someone used to access the cloud you’ve probably got access to it,” Mr Gatford warns.
Tales of hacking, madness and obsession on the electronic frontier – Underground by Suelette Drefus. Buy it here.
Suelette Dreyfus, and co-author, WikiLeaks founder Julian Assange, tell the compelling true story of the computer underground and the bizarre lives and crimes of an elite group of young Australian hackers who, in the 1980s and 1990s, took on the forces of the establishment.