In a massive structure in Maiden, North Carolina, surrounded by a farm of solar panels, hundreds of servers help one of the world’s largest tech companies store millions of bytes of private information. Online data-backup services may seem shiny, convenient and helpful, but the very permanent nature of anything digital makes the services slightly dangerous, especially with personal information.
One of the most popular and well-advertised of these services, iCloud, has come under scrutiny recently after the leak of hundreds of private photos from celebrity accounts. Among the hacked celebrities were Jennifer Lawrence, Ariana Grande and Kate Upton.
“I was not surprised (by the iCloud hack),” said Information Technology and Services and Network Engineer and Macintosh Specialist Brian McCaffrey in an email interview.
“iCloud is a massive cloud storage service that houses personal data for millions of people. That would be a hackers dream.”
One of iCloud’s prominent features backs up photos, notes, emails and text messages. It even saves them if they are deleted from their original phone or tablet. The files can then be accessed by logging into the user’s account from any machine and simply sifting through their data.
“I believe the party at fault is the users themselves,” said Early College junior Aidan Maycock in an email interview. “The attackers simply guessed, or derived, the celebrity account details from publicly available info (on them).”
The leak of sensitive material demonstrated that malicious people on the Internet will do anything and that personal security is paramount in modern Internet culture.
“You have to have a good password and security questions,” said Guilford Help Desk Team Leader Ian Hulsey. “That’s harder for public figures since you can find so much of their information online.”
For both public figures and average users across the globe, perhaps, a false sense of confidence is part of the problem.
“(Before the leak), Apple users were very arrogant because they were not targeted,” said Visiting Assistant Professor of Computing Technology and Information Systems Chafic BouSaba. “When they were targeted, hackers were able to take them down quite easily.”
Then why can Apple not do more in order to secure accounts of prominent figures? Though it appears many of these celebrities could have helped themselves by avoiding easy-to-guess passwords, why was more not done to protect them?
“I would think that a large company like Apple would have tons of security measures in place to prevent that from happening,” said McCaffery.
Many other access-anywhere services like iCloud that store sensitive information require extra authorization whenever logging in from a new computer. That extra step helps to prevent hackers gaining unwanted access, perhaps not entirely, but to some extent.
Apple does not deserve all the blame. Their privacy policy outlines the way they use both encryption and physical on-site measures to secure iCloud backup information. At the same time, they can always do more.
Apple could follow in the footsteps of Google and Steam. These companies require an extra authorization code from the account holder’s email. Though the email itself could be hacked, this added measure can still do some good.
Memories of this event will not go away immediately. Anyone who uses the Internet should use it as a cautionary tale, while those in software should seek to prevent it, or anything like it, from ever happening again.
“The less you are connected to websites, the safer you are,” said BouSaba.
He is right. But in the age we live in, not connecting is impossible. All we can do is stay careful and stay alert.