Apple responded to concerns that its iCloud service was compromised following a widespread man-in-the-middle (MITM) attack that is believed to have been sanctioned by the Chinese government.
The attack was first brought to light by GreatFire.org on Monday. The Chinese government is reportedly using the national firewall system (or the “Great Firewall of China,” as it’s colloquially known) to redirect iCloud users to spoofed pages. By fooling older browsers with phony certificates and hijacked addresses, the apparent intention is to compromise the credentials of unsuspecting visitors.
The source of the attack is reportedly China Telecom, a company with ties to Chinese leadership. In August, Apple agreed to store local China iCloud data in China Telecom’s servers.
On Tuesday, Apple told CNBC that it was aware of “intermittent organized network attacks,” but that iCloud servers hadn’t been compromised. The company also said that iCloud sign-in on mobile and on Macs running the latest version of OS X is not at risk.
The same can’t be said for iCloud account holders who log in using outdated Internet browsers, which will not automatically warn of interception (newer versions of Firefox and Chrome can alert users to fake certificates). Users of those and other browsers can still get around the attack by using an unaffected IP address.
GreatFire.org speculates the attack is an attempt to circumvent security measures introduced with the iPhone 6 and 6 Plus, which went on sale in China last week. It’s hardly the first instance of a hack orchestrated by the Chinese government, though. Yahoo was targeted earlier this month, and a MITM attack continues to affect Microsoft’s Outlook mail service.