You may have heard the recent news about Apple devices that have been remotely locked and are being held for ransom. If not, here is Symantec’s explanation of what’s going on:
Based on initial feedback, a number of Apple IDs have been compromised and used to lock iPhones, iPads, and Macs. It remains unclear exactly how the Apple IDs were compromised, but possible explanations include phishing attempts, weak passwords, or password reuse. A separate breach involving emails and passwords used to login to Apple and iCloud could have facilitated the compromise of the Apple IDs.
The Symantec blog post added that once the device is compromised, the hackers can access the Find My iPhone or Find My Mac feature. With the ability to control that feature, the hackers are able to control certain features, like Lost Mode and lock down the phone and hold it for ransom.
The problem began in Australia, but the attacks have reportedly spread to other countries, including the United States and Canada.
According to Apple Insider, the folks at Apple say that iCloud was not compromised. But iCloud credentials were, so Apple is advising its users to change their passwords. But as Grace Zeng, security researcher with SilverSky told me in an email, it isn’t quite that simple:
Many users tend to use the same credentials across multiple sites. As iCloud/Apple IDs have to be registered email addresses, chances are good that some passwords are the same as their email accounts. It could be the case that one’s email address and password was leaked as a result of phishing emails or recent retailer data breaches, and attackers were able to use this same credential to log on to iCloud.
However, a simple solution to unlock your device would be to type in the device’s passcode, the same one you’d use to unlock it for regular use. One problem with this, though, is that according to a recent study by Consumer Reports, 34 percent of users still do nothing to protect their smartphones, including using a passcode to access the phone. The survey doesn’t include computers, but how many of us have a passcode for our laptops? Remember, Macs were affected by this attack, as well. If users aren’t able to unlock their device with their regular passcode or PIN, they’ll have to reach out to Apple for support.
As far as attacks go, this won’t rank up there as one of the most devastating (although perhaps it might be one of the most annoying). Yet, as Andrew Jaquith, CTO and SVP of Cloud Strategy with SilverSky told me, this may be a precursor of things to come:
The bigger lesson here is that as consumers rely more and more on cloud services to manage their devices, automate their homes and consolidate their entertainment, thieves will increasingly target these services.