Apple CEO Tim Cook on Wednesday spoke with officials in China about data security and privacy. This meeting comes on the heels of a reported attack against users of Apple’s iCloud service in China. Hackers allegedly were able to get hold of users’ data by intercepting traffic on the Internet. They did not break into Apple servers.
The attack coincided with the launch in China of the new iPhone 6. As for the perpetrator: A nonprofit watchdog called GreatFire.org alleges the Chinese government was behind it. China denies that. And Apple, in a statement, does not name a culprit.
The attack has a name: man in the middle.
“Imagine someone running a post office and they’re managing all of the letters that go in and out of that post office,” says Zackary Allen, lead researcher at the security firm ZeroFox. “A man-in the-middle attack is someone … taking over one of those post offices. And they can take your envelopes that you’re sending out to your family or your friends and put them somewhere else. …
“Or they can open up the letter, change it, reseal it and then send it back out,” he says.
And the sender wouldn’t have a clue.
The end goal could be to steal information or to change information. The perpetrator could be one person or many people.
“We’ve seen criminal organizations; we’ve seen disgruntled employees. It can also be nation-state actors,” Allen says.
The attack is really different from, say, a virus that gets into a single document. It’s more sophisticated.
The Internet is a bunch of interconnected routers. With man in the middle, the attacker takes over a router and can watch all the traffic — text messages, emails, iCloud logins — to decide what’s worth stealing.
“These routers help get you from where you are to a destination,” Allen says. “If you manage to compromise one of those routers, any traffic that flows through that, you control.”
Apple’s new iPhone is in fact more secure than previous ones. The physical hardware itself is harder to hack into. So these kinds of attacks that target weak links in the transfer of data on the cloud will become more common, experts say.
Apple is advising concerned customers to read the warnings that pop up in Web browsers — so if you see a strange request for permission or a certificate at the iCloud login, don’t just click OK.