Apple said Tuesday that hackers who posted hundreds of nude images of celebrities over the weekend didn’t penetrate its systems, but rather got access to the pictures through a “very targeted attack on user names, passwords and security questions.”
That type of attack, which ensnared celebrities including Jennifer Lawrence and Kate Upton, is known as a “brute-force attack,” in which hackers simply try a wide variety of username and password combinations in an attempt to gain access to a target’s account. It’s much simpler—and often less effective—than more complex attacks, but it can be effective if the targeted service doesn’t put a limit on the number of times a user can try to log in before it locks them out. In a brute-force attack, hackers often employ software specially written to come up with random combinations of usernames and passwords, vastly speeding up the process.
“None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone,” Apple said, meaning the attack targeted individual users rather than Apple’s systems as a whole. “We are continuing to work with law enforcement to help identify the criminals involved.”
Apple also advised users to turn on what’s called Two-Step Verification, which adds an extra layer of protection to online accounts. Essentially, two-step verification means that after users enter their memorized password, the service to which they’re logging in text-messages them a secondary, randomly-generated code. Users gain access to their account only after that secondary code is entered.
Two-step verification can foil a brute-force attack because it’s nearly impossible for hackers to gain access to targets’ phones.
- The Inside Story of Princeton's Cinderella Run at March Madness
- The Case for Betting on Succession's Tom Wambsgans
- For Both Donald Trump and Alvin Bragg, the Central Park Jogger Case Was a Turning Point
- If Donald Trump Is Indicted, Here's What Would Happen Next in the Process
- Alison Roman Won't Sugarcoat It
- Why Not All Observant Muslims Fast During Ramadan
- It's Time to Say a Loving Goodbye to John Wick
- Who Should Be on the 2023 TIME100? Vote Now
- Column: Ozempic Exposed the Cracks in the Body Positivity Movement