Apple's iCloud service has been hit by a nationwide man-in-the-middle attack in China ahead of the country's launch of the iPhone 6 today.
According to a report from anti-censorship organization Greatfire.org, the MitM attack is being waged by Chinese authorities and follows similar attacks against Google, Yahoo and other leading technology companies operating in the country. Recent MitM attacks on Yahoo and Google in China were designed to block the companies' respective search engines from producing results for certain keywords.
But the campaign against iCloud, according to Greatfire.org, represents a more serious attack that's designed to "gain access to usernames and passwords and consequently all data stored on iCloud," including iMessage content, photos and contacts.
Greatfire.org's report advised users in China to access the iCloud website only with a trusted browser such as Firefox or Chrome, which will prevent access to sites experiencing a MitM attack, or over a secure connection via a VPN.
In addition, the site urged iCloud users to enable two-factor authentication services, which Apple recently expanded following the high-profile hacks of several female celebrities' iCloud accounts. Charlie Smith, co-founder of Greatfire.org, said in an interview with SearchSecurity.com that 2FA isn't commonly used by Chinese consumers, but that may change.
"Like the celebrity [iCloud] hack in the U.S., after this story, I think more Chinese users will enable two-step [authentication]," Smith said. "They will also be more aware of security issues in general."
Smith said his organization first noticed evidence of the attack on Saturday when connections to Apple's iCloud domain in China appeared to be intercepted. The attack spread nationwide today and is expected to continue through tomorrow, Smith said.
The attacks coincided with the launch in China of the new iPhone 6, which features enhanced encryption protection. Greatfire.org speculated the increased encryption measures played a role in the attack.
"This latest MitM attack may be related to the increased security aspects of Apple's new iPhone," the report states. "When details of the new iPhone were announced, we felt that perhaps the Chinese authorities would not allow the phone to be sold on the mainland."
Greatfire.org also wrote that it's "unclear" if Apple made changes to the iPhone 6 models the company is selling in China. Previous MitM attacks on Google and Yahoo in China have been connected to the Chinese government's crackdown on political protests in Hong Kong.
Smith said Greatfire.org hasn't seen any evidence that the current MitM campaign has affected iCloud users outside of China and doesn't foresee the attack spreading beyond the country. But he does expect future MitM attacks on foreign websites operating in the country to increase.
"It's not likely that this attack will occur outside of China," Smith said. "I don't think China would risk the negative fallout from such action. They know that they can get away with attacking their own citizens, but pushing it beyond the borders would be taking this a step too far."