Following the recent leaking of nude pictures of celebrities from their iCloud accounts, Apple have stated that iCloud security measures are to be improved. Apple CEO Tim Cook said “We want to do everything we can do to protect our customers, because we are as outraged if not more so than they are”.
During an interview with The Wall street Journal yesterday, Tim Cook said that no Apple IDs or passwords had been leaked from the company’s servers and that the attacks had been targeted with the hackers correctly guessing the victims passwords or answers to security questions, he insisted that it was not a widespread hack of iCloud. Tim Cook said “When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece,” he said. “I think we have a responsibility to ratchet that up. That’s not really an engineering thing.”
As an initial improvement Apple is to introduce new security updates to the logging in system for iCloud and iTunes, this will happen within two weeks. These new updates will consist of users being alerted via email and push notification whenever someone tries to access their account from a new device, if a device logs into their account for the first time, or if someone tries to change a password. These measures will enhance security and give users time to take action should they become the victim of a hacking attack; unfortunately this will not protect all areas of iCloud, including photo storage, this problem will only be resolved with the release of iOS 8 in a few weeks time. Apple will extend its two step authentication security feature to include access to iCloud accounts when iOS 8 is released; this security feature already applies to iTunes accounts. The two step authentication system sends a unique passcode to another registered device, such as a push notification to an iPhone; the user is then required to enter this code to access their account. Apple said that as most users do not use the two step authentication security feature it intends to aggressively encourage the use of it in iOS 8, Apple said that if those celebrities had been using the security feature the hackers would have been unable to correctly guess their passwords or answers to security questions.
Apple said it is investigating the incident along with law enforcement and working to identify those responsible for the hacking, as this was an ongoing investigation Apple declined to confirm just how many accounts had been hacked.