Chinese government reportedly denies an attempt to intercept user data from Apple’s iCloud
The Chinese government has been accused of allegedly hacking Apple in an effort to collect user data from its iCloud service.
But Chinese authorities have denied the accusations and said it was untrue.
The accusation against the Chinese government was made in a report by the censorship campaign website Greatfire.org. In a blog posting, it said that the Chinese authorities were staging a man-in-the-middle (MITM) attack on Apple’s iCloud.
That type of attack sees the hacker placing a false website or login page between the genuine log-in page and iCloud’s servers.
“This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc,” said the blog posting. “Unlike the recent attack on Google, this attack is nationwide and coincides with the launch today in China of the newest iPhone.”
“If users ignored the security warning and clicked through to the Apple site and entered their username and password, this information has now been compromised by the Chinese authorities,” it warned.
It pointed out that the attack may be related to images and videos of the Hong Kong protests.
“This latest MITM attack may be related to the increased security aspects of Apple’s new iPhone,” Greatfire wrote. “When details of the new iPhone were announced, we felt that perhaps that the Chinese authorities would not allow the phone to be sold on the mainland. Ironically, Apple increased the encryption aspects on the phone allegedly to prevent snooping from the NSA.”
“This attack will come as a surprise to Apple,” said Greatfire.org. “In the past, the company has had a bromance with the authorities and have blindly acquiesced when asked to remove apps from the China app store. With such a close, cozy and snuggly relationship, it is hard to imagine that the executives at Apple felt that they would get this kind of treatment in China.”
But a Chinese government spokesman has reportedly denied any involvement in the attack.
Hua Chunying, a spokeswoman for China’s foreign ministry, was quoted by the BBC as telling journalists that the government was “resolutely opposed” to hacking.
Last month it was revealed that Apple is to hire a local manager in China to deal with Chinese government data requests on users.
The decision to hire a “head of law enforcement” in Beijing to deal with government data requests comes after Apple revealed it would begin storing the personal data of Chinese users on servers within mainland China itself. Apple said the move would result in a faster service for domestic iCloud users, but some of its competitors have refused to build data centres in China because of censorship and privacy concerns.
Apple has also previously been excluded from government procurement lists, because of “security concerns,” following the Edward Snowden revelations about NSA spying. As a result, Chinese government officials will be unable to buy Apple iPads and MacBook laptops for government projects that utilise public money.
And in July Apple had to vigorously deny claims by a Chinese television broadcaster that its smartphones were a national security risk.
Are you an Apple expert? Try our quiz!