Cloud Hacks More Than Just Nude Pics
The sensational invasion last week by hackers into dozens of pictures of nude Hollywood celebrities was a wardrobe malfunction on major scale, but it is time to take a more serious look beyond the alluring pictures. The world is heading for more catastrophic consequences in the cloud.
The leaks of the celebrities’ photos went viral online after hackers used new “brute force” attacks to break into the victims’ online accounts, casting the spotlight on the security of cloud computing.
But the disturbing and often overlooked question is, why are so many companies still blindly and trustingly moving ever more data into the cloud, where online access to highly confidential information related to clients, customers, employees, deals, business plans and performances and worst of all, our personal details, is left seemingly and increasingly more vulnerable?
As I pointed out in another column a year ago, the disturbing fact is that the data are left exposed online no matter how secure the corporate echelons like to think they are, and boast about their system protocols and compliances. Apart from risking hackers hitting the right keys and bypassing security measures, the data are also conveniently laid out for intelligence agencies like the NSA to sniff through, as the well publicized revelatons by super-hacker Edward Snowden have shown.
The fact that the largest and most globally-oriented organizations like banks, listed companies and multinational corporations are the usual culprits of such ignorance is even more disturbing. It's data migration and data penetration en masse. Period.
I always wonder what it would take for the world to truly understand this harsh reality. A major earth-shattering catastrophic hacking on a global bank? It seems that the recent attacks on the US’s biggest bank JP Morgan Chase & Co., allegedly by Russian hackers who extracted gigabytes of sensitive data, isn’t sufficient to send the message.
Perhaps leakage of nude photos would do the trick to publicize the issue? Apparently not, as there have also been previous incidents of security breaches on smartphones leaking to the spread of celebrities’ “selfie” photos baring their prized assets.
In the latest episode, Apple Inc. has admitted the security breakdown leading to attacks on its iCloud service and blamed hackers who managed to figure out usernames, passwords and also bypass other security safeguards.
It has even been said that Apple was aware of a known security vulnerability in its iCloud service for months and careless about protecting its users.
The entire episode may be terrible timing, given the hype about the upcoming launch of Apple’s iPhone 6 on September 9. The company was quick to announce additional security measures to keep hackers out of user accounts through wider use of two-factor authentication security system and alerts via email and push notifications following any attempts to change password, restore iCloud data to a new device or when a device logs into an account for the first time.
So much for more security measures, it’s safe to say it’s all a cat-and-mouse game as hackers will soon be able to detect yet new vulnerabilities to exploit. Fingers crossed, iCloud users.
The question is, why on earth would one upload anything highly personal and sensitive like personal nude photos onto the clouds? Unless one has dire desire for a wardrobe malfunction moment? Hmmm…
Suffice to say, personal use of cloud computing should be best kept restricted to anything but confidential and sensitive data and files.
Anyway, I was left rather speechless when I received a call from a global technology company late last week, obviously well after the latest headlines of the celebrities’ nude photos, trying to sell me of all things cloud computing services. I figured it’s a long story explaining to this enthusiast sales representative and just politely declined.
Vanson Soo is the founder and director of Vanuscript Consulting, a leading independent risks mitigation practice covering Asia with a special focus on the Greater China region. Blog: http://vansonsoo.com