Apple posts new security warning to iCloud users

22 Oct 2014

Apple has posted a new security warning for users of its iCloud online storage service even as reports emerge of a determined effort to steal passwords and other data from people who use the service in China, The Herald Scotland reported.

"We're aware of intermittent organised network attacks using insecure certificates to obtain user information and we take this very seriously," the computer-maker said on its support website. According to the post, Apple's own servers were not compromised.

However, the warning made no mention of China, nor did it provide details on the attacks.

Several news reports said that Chinese mobile internet users had started seeing warnings indicating they had been diverted to an unauthorised website when they attempted to sign in to their iCloud accounts.

Computer security experts call the diversion a "man in the middle" attack, which could allow a third party to copy and steal the passwords that users entered when they thought they were signing in to Apple's service.

The passwords could then be used by hackers to collect other data from the users' accounts.

Chinese activists blame the government for the attacks, and the Chinese activist website GreatFire.org suggests the campaign had much to do with the fact that Apple recently began selling its newest iPhone models, the iPhone 6 and 6 Plus, in China (see: iPhone 6 users in China face major threat to security).

The smartphones use software with enhanced encryption features for the protection of Apple users' data.

Apple said yesterday it was "aware of intermittent organised network attacks" on its iCloud service aimed at obtaining user information, according to a company support page.

Apple said the iCloud servers were still secure but advised customers accessing the service to always verify that they had connected to an authentic iCloud website via a trusted browser, PC World reported.

The man-in-the-middle attack on the iCloud service was just one of several in China that had targeted US websites. Starting late last month, Yahoo site visits from China were also mysteriously returning invalid digital certificates.

According to security vendor Netresec, which analysed the attack on the iCloud service, the attack appeared to be conducted over networks belonging to China Telecom and China Unicom, two state-controlled broadband providers.

According to Su Gim Goh, a security adviser with F-Secure, the sophistication of the attack probably meant the hackers had access to an internet service provider, allowing them to create the insecure connections to the Apple site.

He said it was not something that an amateur could have done. He added that an organised group or government could have been behind it.