Case Study (Discussion)


In October 2014, iCloud, Apple cloud storage service was attacked by anonymous hacker or group of hackers. The method used by the hacker was "man-in-the-middle" (Timberg, 2014). This incident happened over one month after one of the most known iCloud hacks in history. In that attack, naked photos of celebrities were stolen and published on the Internet (Arthur, 2014). After that situation, Apple improved security systems and fixed some of the lacks.


However, on 20 October GreatFire.org, organisation of activists, which are monitoring the censorship in Chinese Internet reported the attack in China. Apple confirmed that one day later. Moreover, they declined any responsibility for the hack. GreatFire.org states that is Chinese government fault (Timberg, 2014).


Chinese government declines that blame. However, it is a fact, the Chinese government censor the Internet by using a technology called "The Great Firewall" (Shen, 2019). One of the causes of this practice is blocking the websites, which are using full SSL encryption (Roof, 2016). For example, Wikipedia was banned in China after update to full SSL encryption (Gamboa, 2016).

 

Chinese version of Wikipedia with full SSL encryption (Gamboa, 2016)

Chinese Internet is also low adopted to SSL technology, which is best for providing connection security. Gamboa (2016) states that the reason, why the Chinese Internet is not adopted to SSL is a fact, that SSL technology makes it more difficult to monitor and censor the content uploaded on websites.


Mentioned fact is related to lacks in security in Chinese browsers. Knockel, Senft and Deibert (2016) described QQ Browser, one of the most popular Chinese browsers as low protected, which a large number of lacks in protection. Authors mentioned that 6.3.0.1920 of QQ browser for Android to encryption was using 128 bits RSA key to encrypt data. However, it is recommended to use at least 2048 bits key in the RSA algorithm. It means encryption of QQ browser was not difficult to break.



Example of decrypted request, sensitive numbers are showed as # (Citizenlab, 2016)


All of showed lacks in cybersecurity made a "man-in-the-middle" attack possible. Combination of technology using by the Chinese government and lacks in security in Chinese software made hacker was able to track the packs of data. Hackers used a fake Apple certificate, to track the data traffic (Claburn, 2014). The most popular browsers such as Google Chrome or Mozilla Firefox are showing communicates about invalid certificates. However, according to Timberg (2014), some of the Chinese browsers are not showing that communicates.

 

Fake Apple certificate report (informationweek, 2014)

A man-in-the-middle attack, the method which was used in that specific case is intercepting the sending data by an outside entity (Publico, 2017). During this attack, hacker by using different techniques split the connection into two different connections, the first one between user and hacker, the second one between hacker and server. Hacker can steal confidential data, manipulate the information and sabotage the communication (Swinhoe, 2019).  

The implications of this hack were theft of username and passwords of Chinese iCloud users. Moreover, hackers gained access to all of the data stored on iCloud such as iMessages, photos and videos (Claburn, 2014). This incident starts the discussion about cybersecurity level in China, regarding politician aspects such as censorship on the Internet and forcing by Chinese government lacks in security, which allows monitoring the users. However, it makes attacks possible as well.


Limitation of this cyber-attack case study covered relation of the political aspects with cybersecurity level in China and showed how some of the cybersecurity lacks allowed to attack service created by one of the biggest IT company at the world. However, this incident can be analysed from many sides. The limitation does not cover the future Apple and Chinese government steps to improve the level of cybersecurity



References:

Arthur, C., 2014. Naked Celebrity Hack: Security Experts Focus On Icloud Backup Theory. [online] The Guardian. Available at: <https://www.theguardian.com/technology/2014/sep/01/naked-celebrity-hack-icloud-backup-jennifer-lawrence> [Accessed 3 December 2020].

Claburn, T., 2014. China Accused Of Attacking Apple Icloud - Informationweek. [online] InformationWeek. Available at: <https://www.informationweek.com/mobile/mobile-devices/china-accused-of-attacking-apple-icloud/d/d-id/1316787> [Accessed 4 December 2020].

Gamboa, J., 2016. SSL Usage In China - Dispatches By John P. Gamboa. [online] Dispatches by John P. Gamboa. Available at: <https://jpgamboa.com/ssl-usage-china/> [Accessed 20 November 2020]. 

Knockel, J., Senft, A. and Deibert, R., 2016. WUP! There It Is: Privacy And Security Issues In QQ Browser - The Citizen Lab. [online] The Citizen Lab. Available at: <https://citizenlab.ca/2016/03/privacy-security-issues-qq-browser/> [Accessed 4 December 2020].

Publico, R., 2017. What Is A Man-In-The-Middle Attack And How Can You Prevent It?. [online] GlobalSign GMO Internet, Inc. Available at: <https://www.globalsign.com/en/blog/what-is-a-man-in-the-middle-attack> [Accessed 4 December 2020].

Roof, K., 2016. Wikipedia Co-Founder Jimmy Wales Blasts “Deranged” Companies Editing Their Own Pages. [online] Techcrunch.com. Available at: <https://techcrunch.com/2016/03/13/wikipedia-co-founder-jimmy-wales-blasts-deranged-companies-editing-their-own-pages/> [Accessed 4 December 2020]. 

Shen, X., 2019. The Story Of China’S Great Firewall, The World’S Most Sophisticated Censorship System. [online] South China Morning Post. Available at: <https://www.scmp.com/abacus/who-what/what/article/3089836/story-chinas-great-firewall-worlds-most-sophisticated> [Accessed 20 November 2020]. 

Swinhoe, D., 2019. What Is A Man-In-The-Middle Attack? How Mitm Attacks Work And How To Prevent Them. [online] CSO Online. Available at: <https://www.csoonline.com/article/3340117/what-is-a-man-in-the-middle-attack-how-mitm-attacks-work-and-how-to-prevent-them.html> [Accessed 4 December 2020].

Timberg, C., 2014. Apple’S Icloud Service Suffers Cyber-Attack In China, Putting Passwords In Peril. [online] The Washington Post. Available at: <https://www.washingtonpost.com/news/the-switch/wp/2014/10/21/apples-icloud-service-suffers-cyber-attack-in-china-putting-passwords-in-peril/> [Accessed 20 November 2020].












Comments

  1. Test4 December 2020 at 08:04

    Hi

    Good reference list and in text citations as per Harvard style.
    Please keep up with good work and not to miss deadline.

    Many thanks
    Chirag

    ReplyDelete
  2. Reema 7 December 2020 at 09:55

    Peer to peer review.

    Hi Daniel,
    Interesting information I enjoyed reading your case study. You've provided a background of Chine and its policies before discussing the main attack which have given the reader a better understanding. Furthermore, you have explained the type of attack and gave a good definition. Finally, it's good that the case study subject that you've chosen is regarding your project theme good job.
    Now for the overall feedback of the blog. I'm sure that you're aware that you're missing a few posts such as the primary research posts and the Model and Methodology post. I just want to remind you to work on them. Another thing is it would be a good idea to update both your Project plan and Gantt chart. And don't forget to mention on the digram's posts that the work is yours. Overall, you have done a great work, you've shown consistency on the topics chosen. Keep up the good work and good luck.

    Many thanks,
    Reema Alghamdi.

    ReplyDelete
    Replies
    1. Daniel10 December 2020 at 10:20

      Hi Reema
      Thanks for your feedback, I will post about the topics you mentioned. However, I think we can't update posts, which we wrote before continouos assessment.

      Delete

Post a Comment

Popular posts from this blog

SSL Asymmetric Encryption (Diagram 2)

Image
SSL Cryptography bases two types of encription, which is Asymmetric Encryption and Symmetric Encryption (Johansen, 2020). Asymetric Encription: This type of encryption is the most popular one, which is using usually. In this technology, client and server to connect use two different keys, public and private. Public key is using only for encryption. It means, anyone can use this key to encrypt the message. Private key is secret and is using only for decryption.   Asymmetric encryption (Author's work) Resources: Johansen, A., 2020. What Is Encryption And How Does It Protect Your Data? . [online] Us.norton.com. Available at: <https://us.norton.com/internetsecurity-privacy-what-is-encryption.html> [Accessed 20 November 2020].
Read more

Opinion about safety (Survey Analysis)

Image
In my questionnaire, I asked people about their feeling of internet safety. The question was "How safe do you feel with using internet services?" Author's work, 1 - not safe, 5 - very safe         As we can see, the majority of the group is feeling safe on the Internet. Only 6 of the responders are feeling completely safe, which is negative, because they may be less focused during using the Internet, which can cause an opportunity to be charmed by hackers. Development of cybersecurity technologies is possibly a reason, why nobody feels completely unsafe on the Internet. Author's work, 1 - not safe, 5 - very safe   However, the general feeling of safety on the Internet is not related to using online payments. As we can see in the diagram, more people are worried about their safety in case of online payments. Comparison of these 2 diagrams may suggest, people are more worried about their money, than their sensitive data such as name, address, location etc.
Read more

How Ransomware attack works? (Models & Methodologies)

Image
The history of ransomware attacks starts in 1989. The first known attack targeted the healthcare industry (De Groot, 2020). Currently, ransomware attacks are one of the most popular cyber attacks. It is as one of the biggest threats to cybersecurity (Thomas, 2019).   Ransomware is a type of malware, which is basing on files encryption. To do this type of attack, hackers are using different software. However, the method of the attack is usually the same.     Ransomware attack process (The Asean Post, 2019)       1. Spam attachment The most popular method of spreading ransomware is sending the email spam with infected link or attachment inside. Usually, a message in the email is telling an action is required. For example, the hacker is sending an email with an infected file named as "invoice" to the business owner (De Groot, 2020).    2. Malware execution The user, which is aware of receiving infected email is opening the attachment. The virus start...
Read more