Businesses using BlackBerry’s cloud-based services should not be spooked by hackers who stole nude photographs of celebrities out of the Apple iCloud, says an independent technology analyst.
London, Ont.-based Carmi Levy said Apple’s iCloud was built for consumers and BlackBerry’s suite of cloud services are for the corporate and enterprise world.
“That has significant implications for the kinds of security features built into the service,” Levy said. “They are two very different animals.”
On Sunday, hackers posted hundreds of nude photos of celebrities stolen from their personal Apple accounts. Apple says the hackers made targeted attacks against select celebrities.
“This incident uncovered a fundamental weakness in Apple’s security infrastructure for the iCloud that it has since resolved,” Levy said.
Apple users have a security code that is four digits by default. Such codes can be cracked by regular computers using programs that run all possible combinations in a short period of time.
This is known as a bruteforce attack.
In addition, the iPhone app called Find My Phone had no limits on how many times a user tries an incorrect password. Users or hackers are locked out of most other systems after three incorrect attempts.
That made the Find My Phone app easy pickings for a brute-force attack.
“It was all too easy for hackers using a certain piece of software known as iBrute to bypass the alarm that would advise a user that someone is repeatedly trying to break into their account,” Levy said. The security standards in the enterprise sector are far more stringent, and information technology professionals there would respond differently, he said.
“An IT decision maker would know full well to implement two-factor authentication on all devices, right out of the gate,” Levy said. “Whereas in Apple’s case, consumers don’t necessarily think or act that way.”
The cloud became a popular term in the digital world around 2010. It is marketing jargon for third-party data centres where information is stored, rather than on individual phones, laptops and tablets. Earlier this year, BlackBerry made it clear it would expand its offerings of cloud-based services for enterprise customers as a key part of its turnaround strategy.
“You cannot shut down investments in technology, including mobility, including the cloud, every time someone suffers a breach,” Levy said. “The Apple iCloud experience gives us an opportunity to learn some very important lessons about mobile security, but it is not a reason to write off the entire space.”
Nobody should be too hard on Apple for being hacked, he said.
“It is somewhat unfair to single out Apple, given the fact that any technology company can be victimized on any given day,” Levy said.
“It is almost impossible to find a major vendor that has not been compromised in some way, or whose name has not been dragged through the mud by hackers.”
DISCLOSURE: BBRY is the largest long position held by Jack A. Bass Managed Accounts