Apple ramps up iCloud defense against hackers–report

In this Monday, June 6, 2014 file photo, Apple CEO Steve Jobs talks about iCloud at the Worldwide Developers Conference in San Francisco. The circulation of nude photographs stolen from celebrities’ online accounts has thrown a spotlight on the security of cloud computing, a system used by a growing number of Americans to store personal information over the Internet. On Tuesday, Sept. 2, 2014 Apple acknowledged the security breakdown and blamed it on intruders who were able to figure out usernames and passwords and bypass other safeguards. (AP Photo/Marcio Jose Sanchez, File)

SAN FRANCISCO — Apple is ramping up iCloud defenses in the aftermath of hackers swiping nude photos of celebrities from the online digital vault, the Wall Street Journal reported late Thursday.

The Journal quoted Apple chief executive Tim Cook as saying iCloud accounts of film stars including Jennifer Lawrence were looted by hackers who used tactics such as correctly answering security questions to obtain passwords, or tricking victims into revealing user IDs and passwords with ruses referred to as “phishing” scams.

In coming weeks, Apple will start sending people alerts when attempts are made to change passwords, restore iCloud data to new devices, or when someone logs in for the first time from a new Apple gadget, the Journal reported.

Tools will be in place for legitimate users of accounts to seize back control. Cook was quoted as saying that Apple also wants to make people more savvy when it comes to guarding against hackers with strong passwords and other techniques.

“When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece,” Cook was quoted as saying.

“I think we have a responsibility to ratchet that up. That’s not really an engineering thing.”

Apple will expand the use of “two-factor authentication,” which requires someone trying to access an account to augment a password with something else such as a temporary code sent by text message to the account holder’s mobile phone.

Apple said Tuesday a “targeted attack” led to the release of nude photos of celebrities including Oscar winner Lawrence but insisted there was no breach of its cloud storage system.

The admission came as experts and lawyers said the hack was a wake-up call about the dangers posed by technology to people’s privacy, whether they are stars or not.

“After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet,” Apple said.

“None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.”

The Federal Bureau of Investigation confirmed it was investigating.

RELATED STORIES

Expect more ‘malicious’ activities that exploit nude photo hacking, warns expert

Photo ‘hack’ on nude Jennifer Lawrence, Kate Upton, other stars probed

Read more...