Apple silent as Turkish Crime Family threatens to erase 200 million iCloud accounts
Cloud storage has long been heralded as the future of an increasingly data-heavy world. However, while businesses are increasingly shifting to storing information on the cloud, multiple hacks of cloud-based storage systems have shown the riskiness involved with relying on online storage. Now, a new incident involving Apple could be the biggest example yet of just why users should be wary of online data storage.
200 million iCloud accounts at stake
Apple and its iCloud facility are no strangers to being hacked. In 2014, hackers managed to access iCloud accounts of many high-profile individuals, resulting in nudes of many celebrities being leaked into the public domain. Apparently, Apple hasn't learned from their mistakes. Now, a hacker's collective called the Turkish Crime Family is claiming to have pulled off a hack far greater than anything in Apple's history.
The hackers have contacted various media outlets with their claims and demands, stating that they have access to cached information from both iCloud accounts as well as Apple mail accounts. The extent of their hack is reflected in their threat – they will wipe out hundreds of millions of iCloud accounts on 7 April should Apple refuse to pay up.
Mercifully for Apple, a company that rakes in billions every quarter, the hackers' demands aren't really going to make a dent in their bottom line. According to Motherboard, the hackers are only demanding US $75,000 in either Bitcoin or Ethereum (another crypto-currency) or $100,000 in iTunes gift cards.
Is this hack for real?
As proof of the hack, Motherboard was given access to an email account supposedly being used to communicate with Apple that showed there has been a back-and-forth between them and Apple's security team going back weeks.
However, these communications aren't entirely conclusive as the figures mentioned in the various emails do not add up.
While one email claimed hackers had access to 200 million iCloud accounts, another claimed the figure was 300 million, while a third claimed they had almost double that with 559 million accounts.
Despite this discrepancy, other emails seem to lend credibility to their claims. In these emails, unnamed members of Apple's security team appear to be concerned about the hack, asking the hackers to prove their claims by sharing “a sample of the data set”.
In a screenshot of another email, another unnamed Apple security personnel asks the group to take down a video that they'd posted on YouTube as proof of their capabilities. The video contained footage of the hacker accessing the iCloud account of an elderly woman, browsing through her photos and displaying the ability to reset the account, effectively wiping it clean.
However, despite this, the same screenshot shows Apple taking a tough stand and refusing (at least publicly) to meet the hackers' demands. “We would like you to know that we do not reward cyber criminals for breaking the law,” the screenshot reads, adding that they would forward the email conversations to the concerned authorities.
Storm clouds for Apple
If the hackers were to make good on their threat, it would undoubtedly spell a lot of trouble for Apple. However, despite the very severe nature of the threat, it's unlikely that we will see it come to fruition. The US $75,000-100,000 ransom being demanded is peanuts compared to Apple's earnings, meaning Apple will pay up without batting an eyelid should they deem the threats credible.
By maintaining a stoic silence on the matter, the tech behemoth has also absolved itself of the need to go public with any new developments. It also allows them the ability to deny that any such hacks actually took place, allowing them to save face with their customers.
However, this news should come as an eye-opener to Apple fans who place a great degree of trust in the security of the company's devices. Earlier this year Wikileaks' dump of secret CIA documents had also shown that the company's technology was susceptible to hacks. This latest news should only make Apple customers warier.
However, the party that should be most concerned is Apple itself. The success it has enjoyed over the last decade-and-a-half has seemingly lulled the company into a false sense of complacency. Apple needs to reassess its security to ensure that the trust its users place in it is justified.