
CyberSponse CEO Joe Loomis discusses Apple iCloud Hack

Apple recently experienced a hack of iCloud, as discussed in this video. The outcome of cyber attacks can be extremely serious and costly to companies. The information hackers access can be devastating to your company and to the privacy of your business. When your company's information is exposed publicly, it needs immediate remediation. Efficient communications and processes are key to mitigating the damage that these security events cause. Prepare your company for security incidents and data breaches before they occur. Get the incident management and operations management software that you need with CyberSponse.

The team at CyberSponse believes consolidated security operations and incident response workflows are vital to proactive security and to defending against hacks and data breaches. An efficient, scalable security system with automation and a single pane of oversight is the best way to ensure effective security operations management. Reach out to CyberSponse to prepare your company, and visit our website to schedule a demo today.



Adam Housley: Welcome back to “Tech Take.” I’m Adam Housley. We’re live on location today in Northern California, where they’re putting up one of the ice rinks as we approach the wintertime. We’re here to talk about iCloud. If you don’t know, if you’re an Apple user – you have an iPhone, a Mac or a tablet ‑‑ you know that iCloud’s a very popular service amongst Apple users. I use it. My family uses it. My mom doesn’t for some reason.

As part of that, there have been some issues lately. We know about the Apple scandal, where some of the pictures were leaked online of certain celebrities. Now there’s some issues happening with what’s said to be widespread Chinese hacking and a compromise [0:45 inaudible] helped the Chinese government.

Here to talk more about iCloud and the situation right now is Joe Loomis. He’s CEO of CyberSponse. You can find him at JosephCLoomis on Twitter. CyberSponse is their website, of course. Thanks for joining us, Joe, from Scottsdale. We appreciate you coming on today.

My first question is very simple. Everybody thought Apple had the crack‑proof way of sharing things, and that’s clearly not the case.

Joe Loomis: That’s correct, Adam. Really, what we’re seeing is a man‑in‑the‑middle attack. It’s redirecting customers and users, who are signing up for iCloud accounts, to these illicit websites that are housing and farming all of their logins. It looks like Apple’s website, but in reality, it’s the Chinese government’s.

Adam: I use Apple products, as I mentioned. I also use PCs. I’ve got both sides covered here, Windows being one and, of course, I have an Apple iPhone, tablet, and MacBook. My question would be: does Apple deserve criticism here? When the Chinese government is basically opening up the “Great Wall of China,” as people like to call it, and allowing this to happen, are there things Apple can do to stop it?

Joe: Apple has changed the IP address of the iCloud instance in order to try to circumvent this, in order to solve it. It’s not really a concern for the users in the United States if you use any local and commonly known browsers like Chrome or Firefox. They’re going to notify you that you’re being re‑directed to a website that doesn’t match the SSL certificate.

But when you’re in China…I don’t know if you know or not, but China got their first shipment of the new iPhone 6. What you’re seeing is that everybody who has a new phone is signing up for an iCloud account, and now their login credentials are being farmed by their own local government. What you can see is this might be a targeted attack for their own country, not necessarily to the United States.

Adam: Joe, my question is if it’s not targeted towards the US, is there something that US users should do to protect themselves?

Joe: First and most importantly, always use a browser that is trusted. Use a Chrome, an Internet Explorer, a Firefox. These browsers have solutions embedded within them, in order to prevent these types of redirections. This is a man‑in‑the‑middle attack.

What that means is that when you think that you’re looking at the website or the, in reality, you’re looking at a spoof or a misdirected website. When you log in and you put in your credentials ‑‑ you’re trying to sign up for an account even ‑‑ you’re not actually even signing up. It’s really called a phishing or a hijack.

Adam: So it’s not directed towards American users, per se. It sounds like it’s the Chinese government, once again, overlooking and overseeing their people, to an extreme way. Is this an opportunity for others to see what has happened and potentially affect American users?

Joe: What this should be is a little bit of a wake‑up call how easy it is to get your compromised credentials. Using tools like LastPass and secure passwords, 1Password, all these password encryption tools, will help you so that if you ever are compromised, you can change your password relatively easily. And, these are strong passwords.

We really need to remember that convenience does not equal secure. We’ve seen even airline WiFi hotspots being compromised while you’re in the air at 30,000 feet. When you see that free WiFi at Starbucks, be careful what you’re logging in to. Everything that you pass through your browser when you’re logged in to this, you don’t know who’s listening or where you’re being directed.

Adam: Yeah, we did that at a coffee shop, in fact, a couple of years ago. We went out and we logged in and looked at all the different people’s computers we could easily access. We weren’t trying to hack them and we didn’t hack in. But, if we had wanted to, it would take very little knowledge to do that, and I think that’s what you’re talking about here.

My final question for you is this. iCloud, extremely important. You mentioned some of the different password programs that are out there. I know a lot of people say those things work. Does that work for iCloud and Apple, where you can have one of those encryption passwords…and there’s tons of them on the market. [4:55 inaudible] Would [4:56 inaudible] there be an app, or would it actually be a physical tool?

Joe: In this case, with a redirect, the only thing that’s going to protect you is a really good browser, a browser that’s going to notice that you’re being directed to an IP address that doesn’t match the domain or the SSL certificate. That’s your only protection at this point.

Adam: All right, Joe Loomis, CEO of CyberSponse, we really appreciate you coming on. Good information. Of course, we continue to talk about the security concerns that not only do our viewers have, but people around the US, specifically, and all the issues that are coming on. It seems like it just continues to get worse, and when you have a government like China behind the situation, that only makes it even more difficult.

Joe is the CEO of CyberSponse. You can find him on Twitter, @JosephCLoomis, also on the Web. We appreciate you joining us from Scottsdale, Joe.

Joe: Thanks a lot, Adam. You take care.

Adam: All right. You, too. I’m Adam Housley. We’re on the road in Northern California this week, and you’re watching “Tech Take.”