Coinciding with the release of the iPhone 6 for sale on mainland China, reports are now surfacing that the Chinese government may have compromised the security of anything stored on the Apple iCloud by implementing a Man in the Middle (MITM) attack to secretly intercept information from users. The report indicates that those users who ignored warnings about security while accessing the Apple site and entering username and password information have most likely been compromised by the Chinese government, leaving everything they have stored on the iCloud vulnerable to being accessed by the government hackers. A MITM attack is one where a dummy page is created to duplicate the intended destination, so that the attacker is able to collect logins and password information from that dummy page when the user believes they are logging into the actual site. The “middle man” then logs onto the account instead and relays responses to give the impression that the user is communicating directly with the intended site. Instead, the attacker has accessed the account instead, capturing whatever information they want, and never giving any indication that they are there to the user.
There are some security measures which can be taken to avoid an attack like this. It is too late for many at this point to prevent personal messages, images, and information about contacts from being viewed, but future incursions can be avoided. First changing passwords is the obvious beginning step, but then it is a good idea to access the iCloud using a server with advanced security measures. Two browsers that are able to detect MITM attacks and which will prevent users from being sent to the dummy sites, are Google Chrome and Firefox. In addition to using a more secure browser, it is recommended that the two-step security feature on the iCloud account be used because it prevents the user from falling victim to this type of attack. Also, a undisrupted connection can be achieved by using a Virtual Private Network (VPN) when making the connection.
This particular attack is somewhat unexpected for many, given the amicable relationship between the Chinese government and Apple to date. The tech giant received heavy criticism by agreeing quickly to Chinese demands that certain apps be removed from the App Store in the region, being charged with aiding in the nation’s policies of censorship and suppression of information. The relationship after this attack may look very different in the future, although given the size of the market, Apple may feel the need for a more measured and diplomatic approach. They are walking a fine line between disappointing the sensibilities of American and European customers and alienating a government capable of denying them the huge Chinese customer base. The iCloud MITM attack however, cannot be interpreted as anything but a malicious assault on Apple and its customers, and will require some sort of response from the company.
Some pundits are postulating that this attack may be in response to new encryption software to iOS designed to prevent surveillance which has received criticism from the U.S. government and may have angered the Chinese authorities as well. Regardless of the cause, this iCloud MITM which has compromised the data of Chinese users has quickly cast a pall on the release of the iPhone 6 in that market.
By Jim Malone