Following reports that hundreds of private celebrity photos have been leaked from iCloud accounts, Wael Aggan, CloudMask CEO, helps to explain why even encrypted data may not be secure in the cloud and how to protect your data in a hack:
“Most hacks to individuals online accounts are implemented through “password cracking” techniques. These techniques vary from brute-force, guessing, dictionary attacks and other increasingly sophisticated methods. One of the most commonly used techniques today, “site impersonation attacks”, is where the attacker attempts to mimic someone else's website - the target service, in this case iCloud. To protect yourself from this type of attack, individuals should never click a link received in an email without knowing what it is. A simple practice is to hover over the link and read the actual URL, if it is not from your service provider, don’t click on it”
“While we know that iCloud encrypts data in transit and in storage, if a hacker gains access to your online accounts, they will see everything in it, unless it was encrypted at creation”.
“Cloud services are constantly being scrutinised for their security and data privacy laws are making it increasingly complex to adopt the cloud and meet regulations. By securing data from creation, you can protect your information throughout the many layers of the cloud computing model.”
CloudMask recommendations vary from simple to complex, depending on how serious users are about privacy:
1. Use strong passwords that comprise of alphanumeric and special letters.
2. Do not use the same password for all your sites.
3. Use two factor authentication.
4. Encrypt your data from creation, even if your account is hacked your data will not be seen.