Could Jennifer Lawrence Have Protected Her Photos From Hackers?
Sep 4, 2014 2:37:00 PM / by Team Gwava
Celebrity Nude Photos Hacked and Stolen
Hackers claim to have gained access to the personal private data belonging to a number of celebrities. Jennifer Lawrence, Kate Hudson, Kirsten Dunst, pop star Ariana Grande, and many others have had their nude photos posted on the web by these hackers. It is personal private data...stolen and made public for all the world to see. How did this flagrant violation of privacy happen and what steps can you take to prevent this sort of thing from happening to you? Learn how to keep control of your personal private data and don't give the hackers a chance.
How did this happen?
The initial claim was that the hackers gained access to these celebrities iCloud accounts, and it could have happened this way. If this was the case, most likely, these stars’ iCloud account passwords were obtained through a phishing or brute-force attack. There is also the possibility that a past security vulnerability within iCloud was used, but has since been closed. Apple has denied that iCloud itself was hacked, but that they “...have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords, and security questions, a practice that has become all too common on the Internet.”
Why are their nude photos on the cloud anyway?
Over the last several years, smartphone operating systems like Google’s Android, Microsoft’s Windows Phone and Apple’s iOS have been adding features in an attempt to make life easier for their consumers. One of those important features has been automatic photo backups. You may not even know that your phone is backing up your photos, because it happens in the background. Android uses the Photos app, as well as Google+ and Google Drive, to automatically backup the photos you take. Windows Phone uses Onedrive, while iOS uses Photo Stream to automatically upload your photos from your iPhone, iPod, or iPad to their iCloud service. Other cloud storage services like DropBox and Flickr may also be automatically backing up your photos to their cloud servers, if you have those apps installed on your mobile device. It should also be mentioned that all these services have desktop applications on Windows and OSX that have the same auto photo backup services which may be enabled on your work or home computer.
So what can you do to prevent this from happening to you?
First and most importantly, to keep your accounts from getting hacked, you need to be vigilant about creating and using strong passwords! Create long passwords that include a mixture of uppercase and lowercase letters, numbers, and special characters. Avoid using any personal information (names, meaningful dates, postal codes, addresses, etc.) that could be known or found by the hacker. It is very important that you create different passwords for each of the websites and services you use. If you re-use the same password over and over again, the hacker need only breach one account and get access to everything else. It is also important that you change your passwords frequently. It is suggested that they be changed every 3 months. Managing these passwords can be difficult and frustrating, but there are several secure password managers you can use to encrypt and keep track of your numerous usernames and passwords. They are available not only in desktop applications with web browser plugins, but also have mobile apps you can use on your phone or tablet. They are each available for OS X, Windows, iOS, and Android. Here are several you might consider:
- LastPass (Mac | Windows | iOS | Android)
- KeePass (Mac | Windows | iOS | Android)
- 1Password (Mac | Windows | iOS | Android)
- Roboform (Mac | Windows | iOS | Android)
- MSecure (Mac | Windows | iOS | Android)
- Dashlane (Mac | Windows | iOS | Android)
You should also seriously consider setting up 2-step authentication for the services you use and have it available. 2-step authentication requires you to enter a separate code given to you, via text message or another application, from the service when you login from a different location or device. The following services offer two-step authentication:
- Google and Gmail
- Apple iCloud
- Facebook (Settings > Security > Login Approvals)
UPDATE: According to this TechCrunch article, Apple’s Two Factor Authentication Doesn’t Protect iCloud Backups Or Photo Streams. 2-step authentication may not currently protect your iCloud photostream but it will add a layer of security for the rest of your Apple account information.
You can further protect yourself by installing a security software suite on your desktop computer or your mobile devices as an additional line of defense for your data. We recommend the following products:
- Kaspersky PURE 3.0 Total Security for Windows
- Kaspersky Internet Security for Mac
- Kaspersky Internet Security for Android
- Kaspersky Safe Browser for iOS
You also need to be on the lookout for phishing scams which attempt to trick you into providing your password. These schemes are usually attempted by sending the target an email and asking them to log into their account. The link sends them to a fake website that is just collecting the username and password. Never click on links in unrequested emails from services you use. If you ever have a question about an email you receive, always go to the original website address for this service by typing the URL into your browser. Do not click on the link in the email. Another great suggestion: don’t use Public Wifi Access Points! Most Wi-Fi hotspots don’t encrypt the information you send over the internet and they aren’t secure. If you use an unsecured access point to log in to an unencrypted site, other users on the network can see what you see and see what you send. Your your login credentials could be up for grabs.
To Backup or Not to Backup, that is the question
Now you have your security and account passwords up to snuff, you have a decision to make. Do you want your photos or your personal private data automatically backed up to cloud? Having backups of your photos is a good thing, and having them backed up automatically is super easy. If you don’t see this as a benefit, you can just turn the automatic photo backup service off on your device or computer. Here are some links with directions to turn off various automatic backup services we have mentioned in this post:
- How to turn off iOS iCloud Photo Stream automatic photo backup
- How to turn off Google Photos automatic backup
- How to turn off Windows Phone automatic photo backup
- How to disable Dropbox photo upload (various devices see links on page)
- How to turn off Flickr app photo Auto Sync
What have we learned?
The most important thing you should learn is that there are people out there who have no regard for your privacy. They are scratching and digging to find a way to hack in and obtain your information. It may be your photos, it could your bank account information. The hackers don’t really care what they can find, and they will continue to make attempts to access your accounts. Currently, there is no reason to believe that the backup services themselves have been hacked. But it may just be a matter of time before one of them is compromised. These companies have security experts working to prevent unauthorized access, but much of the liability is put upon you. It is your responsibility to be aware of the information you and your devices are creating and storing. It is also your responsibility to know how and where this data is being stored. Make sure you have strong, secure passwords for ALL of your devices and the services you use and take back control of your data.
GWAVA delivers messaging security, unified archiving and retrieval, social media, and mobile data management for thousands of organizations with millions of users around the world. GWAVA is the trusted partner that secures and protects the world’s most critical messaging infrastructures. GWAVA maintains a network of global channel partners to ensure widespread access to GWAVA’s leading edge solutions. Find out more at www.GWAVA.com