Cook says Apple will roll out new iCloud security alerts, expand 2-step authentication after celebrity photo flapIn response to a recently leaked cache of nude photos apparently stolen from celebrities' iCloud accounts, Apple CEO Tim Cook said the company plans to activate new security measures designed to thwart future attacks.
Speaking to The Wall Street Journal, Cook reiterated Apple's stance that iCloud was not breached before announcing new security protocols meant to give users a heads-up when changes are made to their accounts.
"When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece," Cook said. "I think we have a responsibility to ratchet that up. That's not really an engineering thing."
To add an extra layer of protection, Cook said Apple will start sending out email and push notification alerts when an attempt is made to restore iCloud data to another device. The protocol adds to current safety measures that push out similar messages when a password has been changed or a device is first linked to an iCloud account.
With the alerts in place, iCloud users can quickly react to potential breaches by closing off access or deleting files before a nefarious user has a chance to download potentially sensitive data.
As for Apple's current security measures, Cook thinks the company is doing well, pointing to the iPhone 5s' Touch ID fingerprint recognition feature and iCloud's two-step authentication protocol, which requires users enter both a password and a separate code sent to a trusted device prior to making account changes. Cook said the feature's coverage area will be widened with the release of iOS 8 to include iCloud access from mobile devices. Cook also said Apple will be proactively pushing the two-factor system in the future.
Last weekend, dozens of nude photos taken from iCloud accounts belonging to Jennifer Lawrence, Kate Upton, Ariana Grande and more were dumped on the Web after being collected through various corners of the Internet, including anonymous image board AnonIB. In the ensuing aftermath, Apple issued a statement denying hackers were able to breach iCloud security, instead blaming targeted attacks that have "become all too common on the Internet."
Apple will continue to work with authorities toward finding the culprit or culprits behind the attacks and subsequent mass data leak.
"We want to do everything we can do to protect our customers, because we are as outraged if not more so than they are," Cook said.
On Topic: Security
- Apple's differential privacy in iOS 10 is opt-in, limited to four use cases
- Inside iOS 10: Apple doubles down on security with cutting edge differential privacy
- No warrant needed to obtain location data held by cellphone carriers, US court rules
- Courts predicted to side with law enforcement on fingerprint warrants for Apple's Touch ID
- US regulators probe Apple, Google, Verizon & others on security patches