Tag Archives: SafeSync

Online Safety, home

Celebrity Hacking Scandal Exposes the Risks of Online Backup

1 Comment

The current celebrity hacking scandal is a stark reminder of the dangers of posting risqué photos to the Internet, but some of the comments of the parties involved suggest that they might not have known the photos were actually online. How is this possible?

Welcome to the age of automatic backup and cloud storage. Originally regarded as a life-saver for compulsive smartphone photographers and on-the-go office workers, online backup services are now giving users pause for thought.

In the current scandal, both the victims and outside observers have been quick to point the finger at iCloud, Apple’s backup service for iOS devices. Introduced in 2011, iCloud now has over 300 million users, who take advantage of the service to store music, photos, apps, documents, contacts, and more.

But as mentioned earlier, not everyone is aware that they are using iCloud or what iCloud is backing up and storing on their behalf. There is also an iCloud sub-service called Photo Stream, which automatically pushes photos to all the other devices registered to an iCloud user. These include not only phones and tablets but laptops and computers and even Apple TV.

Of course, Apple is not alone in offering these kind of backup and cloud storage services. Google has Google Drive, Microsoft offers OneDrive, and there are a host of third-party services such as Dropbox, Amazon Cloud Drive, SafeSync, and more. Once activated, each of these services works quietly in the background, periodically scanning content folders on various devices and updating to the cloud.

Playing the blame game

But even if we backup photos and other content without realizing it, aren’t these services supposed to be secure? The answer is clearly ‘yes,’ but once content is uploaded to the Internet, it immediately becomes vulnerable to hackers and all kinds of security breaches.

In the case of the celebrity photos that are currently circulating the Internet, Apple was quick to release a statement claiming that there was no breach in any of its cloud services, including iCloud and Find My iPhone. Instead they alleged that the hackers targeted user names, passwords and security questions. To protect against this type of attack, Apple recommended using a strong password and what it referred to as “two-step verification.”

What does all this mean? Well, it means that most of us, including well-known celebrities, are still incredibly sloppy when it comes to password use. One of the biggest vulnerabilities is in the area of password recovery. If a hacker knows someone’s e-mail address, then it can be relatively easy to recover a password, as the answers to secondary security questions such as ‘What was the name of your first pet?’ or ‘What is your mother’s maiden name?’ can be easily obtained through social media or other public sources.

While effective, the two-step verification that Apple recommends can be time-consuming and awkward, as it involves sending a secondary password to a cell phone or other device every time you log in. Almost every cloud service offers this extra protection but only a tiny fraction of users have signed on.

How can you protect your personal information?

So how can a celebrity – or regular user – protect their personal information? First of all, avoid using easy-to-hack passwords. You should also consider using one-off e-mail addresses for each of your cloud services, so it’s harder for anyone to claim a lost password. Also, lie when you answer those security questions. If you actually have a dog called Fido, that’s the last name you should use when asked about your favorite pet!

Next, consider using two-step authentication, even if it means more of a hassle when you log on. Barring a data breach at the server level, this is the one move that can almost guarantee the security of your account.

Finally, if you want to make sure you don’t want someone to have access to your personal information, don’t put it online – period. To be honest, the idea that major box office celebrities and models would happily post nude pictures of themselves to the Internet is a bit of a head-scratcher, unless they didn’t realize they were posting online in the first place. Yes, there is an expectation of privacy, but that expectation is diminished with every new headline detailing the perils of the digital age.