Thursday, November 13, 2014

'Masque Attack' Becomes A Homeland Security Issue

The U.S. government’s computer security team is warning iPhone and iPad owners to be extra careful when updating their apps thanks to a vulnerability in iOS 7 and iOS 8 that allows hackers to send updates that impersonate the apps on their phones. Sounds scary right? It is! But it isn't that the DHS is concerned about your individual phone and identify theft- not to minimize it. The reason this is a DHS issue is because of the capabilities associated with what is being dubbed as the 'Masque Attack'.

Apple has known about the vulnerability since July 26. Apple has not responded to previous requests for comment except to reiterate that users should only download and install apps from trusted sources. The DHS is also concerned about that because not saying something means the virus could have spread and fallen into more sinister hands. This said, US-CERT, which acts as the operational arm of the Department of Homeland Security’s National Cyber Security Division, said Apple users can protect themselves by only installing apps directly from Apple’s official store or from their own organizations.

Here's my point - we now live in a world where cyber security seems to be a huge issue for both individuals and our country's security on a daily basis. It also seems that major companies, like Apple, truly don't understand how a small case of identity theft (again, not that it can every be considered "small") can also lead to big problems on a national level if the wrong app or big technology hacks are used for bad things. Our banking systems can go down, airport traffic control could go down, systems can show beheadings on children television stations- a lot can go wrong. So, this is far more of a concern because of the bigger concerns associated with the 'Masque Attack'. Oh, did I mention the President uses an iPhone?

I'm not trying to scare anyone today, but I am offering a warning. Be awareof what you download online and report anything suspicious to US-CERT.

Until tomorrow,

Twyla N. Garrett of IME

No comments:

Post a Comment

Twitter Updates