Mat Honan, a technology journalist, had several of his cloud accounts “hacked” causing him to permanently lose email, documents, even pictures of his new born daughter. He wrote an article with all the details called How Apple and Amazon Security Flaws Led to My Epic Hacking.
The goal of the attackers was to take over his twitter account. They reached their goal by using bits of information from his different online accounts and engaging in social engineering: tricking tech support into giving them access. Amazon’s password reset process was easily foiled with a couple phone calls and Apple’s password reset system was then vulnerable with the information the attackers gained from the Amazon account.
In the process, they used his Apple iCloud account to initiate a “Remote Wipe,” which started to delete all the information on his Mac. They did this to prevent him from trying to take away the access they just gained. Because he didn’t have any backups, he permanently lost some of his email, documents and family pictures. What did the 19 year old that did this to him have to say for himself? “yea i really am a nice guy idk why i do some of the things i do.” The attacker is as eloquent as he is aware of the consequences of his actions.
There are a few things to take away from this story:
- If you have a digital asset that is seen as valuable, you are target and your online data can easily become collateral damage in the attacker’s pursuit of their objective. The valuable asset here was the three character twitter handle @mat, but could have easily been a website, facebook account or LinkedIn profile.
- Enable two-step authentication (also known as two-factor authentication) for your email address and any other accounts that support it. This makes your account more secure by requiring two factors to log in: your password and a code that is sent to your mobile phone. Someone would have to steal your phone to defeat this system.
- Backup your data! Doing a combination of online (cloud) backup and local (external hard drive) is best. If you’re doing backups online, be sure the email address that is connected to the backup account is protected by two-factor authentication.
- Be wary of turning on the “Find my Mac” feature; understand that if you turn it on and your iCloud account gets broken into, the attacker can remotely delete the data on your Mac.