‘The Snappening’ – the vast leak of Snapchat pictures, including thousands of nude images – and the infamous leak of photos from Apple’s iCloud, including much-swapped private photos of Jennifer Lawrence and other celebrities, demonstrate that internet users are too naive and trusting when it comes to storing their sensitive data.
Naked selfies appear to be the number one target for hackers to steal and share online. Indeed, it’s believed to be the same group of hackers behind both the Snapchat and the naked celebrity image thefts – and they’re threatening to reveal more.
While it might seem, on the surface, that this bears no relation to the enterprise, there are many people out there who are more than happy to share information on cloud services, using their corporate mobile devices to do so – often without understanding the risks they are taking.
Just ask Brooks Newmark, the hapless soon-to-be-former Conservative MP for Braintree, an individual inside the corridors of power who was apparently happy to share exceptionally private images with someone he thought was a young woman with a thing for balding, middle-aged men with a paunch. It wasn’t, hence the scandal ended up splashed all over newspaper front pages.
It’s a good thing he was only being asked to send photos of his private member. Would he have given up official secrets so readily to a stranger, just because he thought she (or he) had a pretty face?
All of these issues – Brooks Newmark’s scandal, Jennifer Lawrence’s naked photo leak and the Snappening – demonstrate one thing; that as individuals, we’re too keen to store our private information with cloud storage services, like the Apple iCloud, and app providers, without thinking of the consequence of doing so.
“I think this is a reminder to all of us that we’re too trusting with our data,” said Lawrence Jones, CEO and founder of internet hosting firm UKFast
“Technology enables us to do some amazing things. But the very nature of it and its accessibility means that we run the risk of rushing into things without asking the right questions. The right questions in this case are: who am I giving my data to and what steps have they taken to protect it?” he added.
However, Lawrence Jones believes that these incidents, particularly the Snappening – named to link it with the Jennifer Lawrence naked photo leak, dubbed “the Fappening” – will make people think more carefully about what data they share on their mobile devices and apps, as well as where, exactly, their photos and documents are stored.
“I think this incident has made people question how secure these kinds of apps are,” he said, going on to argue that users also need to be more careful when it comes to using unauthorised third-party applications, the use of which can put private files at risk of becoming very, very public.
“It’s worth noting that Snapsaved.com, the site from which images were reportedly hacked, wasn’t malicious. The app did what users were expecting, but it looks like the sysadmin [systems administration] side of things was overlooked based on the statement they made about having misconfigured their webservice,” he explained.
Who can you trust?
In other words, it is one thing to trust a cloud service to look after your precious data, but if you are allowing third-party apps to connect to them as well (for whatever reason), it will only be as secure as the weakest link – and you never know how weak that link might be.
Jones therefore argues that app developers must do as much as possible in order to ensure their applications and services remain as secure as possible. “While the application’s developers have rightly taken the blame for this error, it’s worth remembering that it’s also down to us, as internet users, to proceed with caution when it comes to sharing or storing sensitive data,” he said.
“If an official application like Snapchat prohibits you from using third-party sites, it’s for a good reason,” Jones added.