Following case study is about the threats that Apple, the largest manufacturer of mobile phones received from a group of Turkish Hackers asking for a ransom in exchange for the 200 million iCloud accounts that they have laid their hands on. They have threatened the company to leak all these data if they are not willing to pay the amount by the given deadline that is 7th March, 2017 (Forbes.com 2017).
1. What's going on?
- Apple the largest manufacturer of phone is currently under attack from a Turkish group of hackers stating that they got an access to about 200 million of iCloud accounts.
- They are threatening to wipe all the data if apple does not pay them an amount between $75,000 ransoms in Bitcoins or $100,000 iTunes gift cards.
- They also gave Apple a deadline for 7thMarch 2017 after which they will clean slate all the data that they have access to or worst they will publish it to the public where everyone’s personal data will be on display and there will be no trace about who posted them or from where it came.
- Same thing happened previously also where hackers posted all the private images of famous celebrities on display (com 2017).
2. What are the facts?
- The Turkish group of hackers already have submitted their evidence to their claims to tech site Motherboard with the demand for a ransom from Apple.
- Motherboardhave already confirmed to these claims and also shown some screenshots where the Apple security team is negotiating with the hackers about their threats.
- They have also shown the video of where they have the access to these accounts and a short footage of how they did this.
- They have clearly stated that they are going to wipe out the whole device if they do not come down to their terms.
- Apple has started suggesting their users to change their password and they are working on Two-Step verification so as to minimize the effect (com 2017).
3. What are the issues?
- The main issue that lies is that Apple should take care of their security because millions of people are connected through iCloud and their personal and sensitive data are stored there and it is the soul duty of Apple to provide security to these data so that these data does not come out in open.
- Same thing happened previously also where the private images of many celebrities were exposed in front of the whole world (com 2017).
- Apple should seriously take their security issues about these so as to minimize the effect. With this the hackers got access to about 200 million accounts and this has been even verified by a trusted site.
4. Who is affected?
- The ones who are affected are the users as well as the company itself as it failed to provide better security protections to their users.
- For this the users are facing the consequences that their personal data will be either displayed in public or their whole iCloud account will be locked away or it will be wiped out fully (com 2017).
- The main problem is that the whole data is now out in the world and some other group of hackers can also get their hands on.
- The company also have to face many criticisms due to their lack in security as they promise to their users but not able to provide that.
5. What are the ethical issues and their implications?
- The ethical issues that the company faced were that it failed to provide the security to their users’ foe due to which their personal data is on stake where anyone can view it after 7thMarch if Apple fails to pay the ransom (com 2017).
- Due to their negligence in their security systems, the common people are facing the consequences by paying their personal data to the whole world as the data is out in the wild so any other hacker group can access it and even publish it.
6. What could have been done about it?
- This could have been avoided if Apple took their security issues more seriously and update their security algorithm on an interval so that the hackers could not get their access to these files and steal them to threat the users as well as the company (com 2017).
- The users should also try to update their passwords at a regular interval and it should contain alphanumeric values along with special characters so to increase the complexity and this would keep the hackers away.
- Apple should try implementing their bit encryption.
7. What are the options?
- There are number of possible options that were available with the company as well as the users.
- The company officials should have added more secure encryption to their iCloud sites so that the hackers could not able to pass through it.
- The users should try more combination of passwords rather than going for a simple password which can be easily broken (com 2017).
- Company should also add encryption to the passwords so that the hackers were not able crack it.
8. Which option is the best and why?
- The best option would be that the company officials should not have gone for adding 128-bit encryption which is really tough to break.
- It would take a supercomputer to break the password for about hundred years so this would be the best way to protect the data whatever is present in there.
- With the encryption present, no one would be able to access the data as the public key and private key would be available to the users and the company itself (com 2017)
Bibliography
Bannister, F., & Connolly, R. (2014). ICT, public values and transformative government: A framework and programme for research. Government Information Quarterly, 31(1), 119-128.
Forbes.com (2017). Retrieved 22 March 2017, from https://www.forbes.com/sites/leemathews/2017/03/22/hackers-threaten-to-wipe-200m-iphones-icloud-accounts-unless-apple-pays/#24405ebe386d
Gunn, J., & Taylor, P. (2014). Forensic psychiatry: clinical, legal and ethical issues. CRC Press.
Markus, M. L., & Mentzer, K. (2014). Foresight for a responsible future with ICT. Information Systems Frontiers, 16(3), 353-368.
McMenemy, D., Poulter, A., & Burton, P. (2014). A handbook of ethical practice: a practical guide to dealing with ethical issues in information and library work. Elsevier.
Rainey, D., Aresty, J., West, R. P., Magazine, A. G. S., & Devanesan, R. (2015). Glimmers on the horizon: Unique ethical issues created by ODR. Dispute Resolution Magazine Winter, 20-23.
Stahl, B. C., Eden, G., Jirotka, M., & Coeckelbergh, M. (2014). From computer ethics to responsible research and innovation in ICT: The transition of reference discourses informing ethics-related research in information systems. Information & Management, 51(6), 810-818.
Stahl, B. C., Timmermans, J., & Mittelstadt, B. D. (2016). The ethics of computing: A survey of the computing-oriented literature. ACM Computing Surveys (CSUR), 48(4), 55.
