A recent attack on cloud accounts belonging to about 20 celebrities is underscoring the importance of employing sophisticated password protection across all of your devices.
The hackers stole nude photos of stars like Jennifer Lawrence, Kate Upton and Lea Michele from their private accounts and leaked them on the Internet. Initially, it appeared that the security breach might have been the result of a failure in the Apple iCloud and Find My iPhone app. However, Apple has since denied that claim. The company says that the attacks were targeted efforts to gain access to celebrity accounts by cracking their login identification credentials, passwords and security questions.
"This isn't the first time photos have been taken off cloud storage and it won't be the last," Dr. Steven Murdoch, a University College London information security researcher, told BBC News. "It's not fair to blame the victims of crime who may have simply been following the instructions websites are giving to protect their accounts …↑ If you contrast what Apple and Dropbox and Google are doing with what banks are doing, then you can see the banks are taking significantly more steps to protect their customers."
While Murdoch is absolutely right that the victims in these cases are in no way deserving of blame - on the contrary, as innocent people targeted by malicious criminal activity, they deserve nothing but sympathy and support - such attacks do serve as cautionary tales for other Internet users. Unfortunately, most social media and cloud storage sites simply don't utilize sufficient safety measures or require users to employ adequately complex passwords. That means that it's ultimately up to you to guard your privacy and take your digital security into your own hands.
According to Apple, the cyber criminals were able to break into the nearly two-dozen celebrity accounts by launching targeted campaigns to learn their passwords. This illustrates the importance of creating hard-to-guess entry codes, using a combination of lower and upper case letters, symbols and numbers. Avoid using proper names or words, as they are more easily cracked. The best passwords are random combinations of characters without meaning.
You should also remember to view any messages requesting your personal information - such as name, email address, account names, passwords, birthday, etc. - with great suspicion. Some hackers are able to gain access to private data through a process known as phishing. For example, they may email you pretending to be your bank and asking you to confirm your user ID and password. Some of these messages look incredibly realistic, so it's important to keep your guard up. If you have any doubt, follow up with the organization in question directly.
Initially, analysts thought that hackers might have gained access to the celebrities' accounts by "brute force," a process in which they use software to automatically scroll through thousands of different password combinations in an effort to gain entry. Although Apple says this was not the case, it is still important to use different passwords across all of your online accounts. Imagine if hackers were able to guess your Twitter password through brute force. If all of your passwords are the same, then they now have unfettered access to your banking profile, investment accounts, Facebook page, online medical records and, yes, cloud storage. On the other hand, if all of your entry codes are unique, any damage will be contained to the account that was initially hacked.
Use a password manager to keep track of all of your different pins, passwords and two-factor authentication codes. Such user-friendly password vaults store all of your login information on your computer behind a thick digital shield. After you sign in using your master key password, the program will log you into each of your accounts using the unique entry codes it has on file. This way, you have the security of multiple unique passwords and the convenience of a single sign on.