Case Study (Method)

Greatfire.org, group of activists, which is monitoring Internet censorship in China reported the attack on 20 October 2014. One day later, hack has been confirmed by Apple (Timberg, 2014). Method used to hack was "man-in-the-middle" (Linshi, 2014). This method can work, when connection between user and service is not encrypted, which is common in China. Hacker can track data packages sent by user, which allows them to grab some information such as password and username (Nohe, 2018).

"Man-in-the-middle" scheme (thesslstore.com, 2018)


This hack starts a discussion about lacks in cybersecurity in China. GreatFire.org states that it was not their fault. Owner of the iCloud blamed Chinese government (Timberg, 2014). Moreover, the organisation mentioned, this attack can be organised by some Chinese authorities, regarding images and videos from Hong Kong protests (Augenbraun, 2014). However, the Chinese government denies responsibility for this hack (Timberg, 2014).



References

Augenbraun, E., 2014. Attack Reported On Apple Icloud In China. [online] Cbsnews.com. Available at: <https://www.cbsnews.com/news/attack-on-icloud-via-iphone-6-devices-sold-in-china/> [Accessed 4 December 2020].

Linshi, J., 2014. China Icloud Hack Is Latest State-Supported Attack, Report Says. [online] Time. Available at: <https://time.com/3529887/icloud-iphone-china-hack/> [Accessed 4 December 2020].


Nohe, P., 2018. Executing A Man-In-The-Middle Attack In Just 15 Minutes - Hashed Out. [online] Hashed Out by The SSL Store™. Available at: <https://www.thesslstore.com/blog/man-in-the-middle-attack-2/> [Accessed 3 December 2020].

Timberg, C., 2014. Apple’S Icloud Service Suffers Cyber-Attack In China, Putting Passwords In Peril. [online] The Washington Post. Available at: <https://www.washingtonpost.com/news/the-switch/wp/2014/10/21/apples-icloud-service-suffers-cyber-attack-in-china-putting-passwords-in-peril/> [Accessed 20 November 2020]. 

 



Comments

  1. Test4 December 2020 at 05:52

    Hi

    Appropriately following with Harvard style of reference list and in text citations.
    Please keep blogging and posting regularly.

    Many thanks
    Chirag

    ReplyDelete

Post a Comment

Popular posts from this blog

SSL Asymmetric Encryption (Diagram 2)

Image
SSL Cryptography bases two types of encription, which is Asymmetric Encryption and Symmetric Encryption (Johansen, 2020). Asymetric Encription: This type of encryption is the most popular one, which is using usually. In this technology, client and server to connect use two different keys, public and private. Public key is using only for encryption. It means, anyone can use this key to encrypt the message. Private key is secret and is using only for decryption.   Asymmetric encryption (Author's work) Resources: Johansen, A., 2020. What Is Encryption And How Does It Protect Your Data? . [online] Us.norton.com. Available at: <https://us.norton.com/internetsecurity-privacy-what-is-encryption.html> [Accessed 20 November 2020].
Read more

Opinion about safety (Survey Analysis)

Image
In my questionnaire, I asked people about their feeling of internet safety. The question was "How safe do you feel with using internet services?" Author's work, 1 - not safe, 5 - very safe         As we can see, the majority of the group is feeling safe on the Internet. Only 6 of the responders are feeling completely safe, which is negative, because they may be less focused during using the Internet, which can cause an opportunity to be charmed by hackers. Development of cybersecurity technologies is possibly a reason, why nobody feels completely unsafe on the Internet. Author's work, 1 - not safe, 5 - very safe   However, the general feeling of safety on the Internet is not related to using online payments. As we can see in the diagram, more people are worried about their safety in case of online payments. Comparison of these 2 diagrams may suggest, people are more worried about their money, than their sensitive data such as name, address, location etc.
Read more

How Ransomware attack works? (Models & Methodologies)

Image
The history of ransomware attacks starts in 1989. The first known attack targeted the healthcare industry (De Groot, 2020). Currently, ransomware attacks are one of the most popular cyber attacks. It is as one of the biggest threats to cybersecurity (Thomas, 2019).   Ransomware is a type of malware, which is basing on files encryption. To do this type of attack, hackers are using different software. However, the method of the attack is usually the same.     Ransomware attack process (The Asean Post, 2019)       1. Spam attachment The most popular method of spreading ransomware is sending the email spam with infected link or attachment inside. Usually, a message in the email is telling an action is required. For example, the hacker is sending an email with an infected file named as "invoice" to the business owner (De Groot, 2020).    2. Malware execution The user, which is aware of receiving infected email is opening the attachment. The virus start...
Read more