Apple promises to beef up iCloud security to protect users

Firm to broaden use of the two-factor authentication security system to avoid future intrusions

Model-turned-actress Kate Upton (pictured) and Oscar winner Jennifer Lawrence were among the celebrities who were hacked last weekend. Photograph: Reuters
Model-turned-actress Kate Upton (pictured) and Oscar winner Jennifer Lawrence were among the celebrities who were hacked last weekend. Photograph: Reuters

Apple is planning additional steps to keep hackers out of user accounts in the face of the recent celebrity photo scandal and will aggressively encourage users to take stricter security measures, chief executive Tim Cook has told the Wall Street Journal in an interview.

Apple will alert users through email and push notifications when someone tries to change an account password, restore iCloud data to a new device, or when a device logs into an account for the first time, the report said.

Apple is moving quickly to restore confidence in its systems’ security ahead of the crucial launch of its new iPhone next week.

The moves comes shortly after the company was forced to deny that the iCloud service was breached when hackers stole intimate photographs of a number of Hollywood celebrities and posted them online last weekend.

READ MORE

Mr Cook said Apple will broaden its use of the two-factor authentication security system to avoid future intrusions, the Journal reported.

The two-factor authentication requires a user to have two of three things to access an account, which may include a password, a separate four-digit one-time code, or a long access key given to the user when they signed up for the service.

The iPhone maker said it plans to more aggressively encourage people to turn on the two-factor authentication in the new version of iOS, the daily reported.

"The usability battle will always be there but could you ever imagine using your debit card at an ATM and not entering a pin? That's two factor, something you have (a card) & something you know (a pin), and we all get along just fine," WhiteHat Security's Matt Johansen told Reuters.

Apple said on Tuesday the attacks that emerged over the Labor Day weekend on celebrities’ iCloud accounts were individually targeted, and that none of the cases it investigated had resulted from a breach of its systems.

Some security experts have faulted Apple for failing to make its devices and software easier to secure through two-factor authentication, which requires a separate verification code after users log in initially.

Apple could also do more to advertise that option, they said. Most people do not bother with security measures because of the extra hassle, experts say, and the leading phone makers are partly to blame.

The iCloud service allows users to store photos and other content and access it from any Apple device. Security in the cloud has been a paramount concern in past years, but that has not stopped the rapid adoption of services that offer reams of storage and management of data and content off smartphones and computers.

Reuters