China snoops on iCloud and Microsoft

China has one of the most repressive internet regimes in the world, with heavy restrictions placed on websites that allow the free flow of information and speech. Sites that criticise the government are often blocked and internet usage by Chinese citizens is widely monitored. In a new twist on a tactic that has been growing in popularity with those who control what is known as the Great Firewall, China has been intercepting both Apple's iCloud and Microsoft accounts, furthering the need to use a China-capable VPN on the mainland.

The iPhone 6 launched in mainland China on 20th October 2014, and leading industry sites that monitor the internet situation in China report that this interception of the iCloud site has been timed to coincide with Apple’s latest phone release.

Users in China attempting to access the iCloud service are being intercepted by a MITM (Man In The Middle) attack, which exposes their login and password details to the Chinese authorities as soon as they are entered. The attack is said to be affecting the whole of mainland China, meaning that users who access the site directly are at risk of having their credentials compromised.

iCloud can be used to store and sync iMessages, Photos, Contacts and more, and with the Chinese authorities gaining access via this attack, it could open users up to further spying.

While browsers such as Chrome and Firefox should in theory block access to iCloud when such attacks are in place, users excited to use their new iPhone 6 are likely to ignore such warnings without realising the dangers behind them. Greatfire.org, who monitor the internet situation in China, report that the popular Chinese 360 Secure Browser from Qihoo is conveniently loading the insecure iCloud site without warning.
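The check that Chrome and Firefox perform before showing such a warning can be reproduced from a script. The following is an added example, not part of the original article: it performs a strict TLS handshake and reports whether the presented certificate chains to a trusted authority and matches the hostname. The `www.icloud.com` hostname and the function names are assumptions; `login.live.com` is the portal named in the article.

```python
import socket
import ssl


def strict_context():
    """TLS context that refuses untrusted or mismatched certificates."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and hostname checking on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def probe(host, port=443, timeout=5.0):
    """Return (verdict, detail) for one strict TLS handshake with host.

    verdict is one of:
      "trusted"     - chain validated and hostname matched; detail is the issuer
      "untrusted"   - certificate rejected, which is what an interception
                      with a non-trusted certificate looks like to a client
      "tls-error"   - handshake failed for a non-certificate reason
      "unreachable" - no TCP connection (blocked, refused, timed out)
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with strict_context().wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                issuer = dict(rdn[0] for rdn in cert["issuer"])
                return "trusted", issuer.get("organizationName", "unknown issuer")
    except ssl.SSLCertVerificationError as exc:
        # Never retry with verification disabled: that is the scripted
        # equivalent of clicking through the browser warning.
        return "untrusted", exc.verify_message
    except ssl.SSLError as exc:
        return "tls-error", str(exc)
    except OSError as exc:
        return "unreachable", str(exc)


if __name__ == "__main__":
    # www.icloud.com is an assumed hostname for the iCloud site.
    for name in ("www.icloud.com", "login.live.com"):
        verdict, detail = probe(name)
        print(f"{name}: {verdict} ({detail})")
```

An "untrusted" verdict for either site means credentials should not be entered on that connection.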

Apple has long had a rather close relationship with the Chinese authorities, opting to remove apps from the Chinese version of the App Store upon request. However, recent news that Apple is now encrypting iOS by default may have caused some concern amongst the Chinese authorities. Default encryption by Apple, coupled with the wish to restrict news of the recent Hong Kong protests that saw popular sites such as Instagram blocked, only goes to reaffirm the efforts that the mainland Chinese government is putting in place to restrict the free flow of information to its citizens.

Chinese users are advised to take precautions when accessing iCloud, including accessing it via a browser such as Firefox or Chrome and not ignoring the warnings in place, and making use of a Chinese VPN service that has specific modes to work in China, such as Chameleon from VyprVPN (中国), the cat-and-mouse tactics for staying ahead of the Great Firewall from IPVanish, or SSTP from LiquidVPN.

Along with using a reliable browser and a China-capable VPN service, users are advised to enable two-step verification for Apple ID. This adds the protection that even if your login and password were compromised, an attacker would still need access to your mobile phone, to which a verification code is sent upon login. Without this unique one-time code, an attacker would not be able to access your account even if they had your other details.

In similar news, Microsoft is also coming under a similar attack, with its login.live.com portal being subject to the same interference when accessed directly from mainland China. The portal is used for the majority of login systems for Microsoft products and, like the Apple iCloud situation, is a further worry for Chinese users who are concerned about privacy at a very basic level. With such tactics being employed, it is almost as if Chinese users would have no need for logins or passwords, since for anyone falling foul of the MITM interception all accounts would be accessible to the authorities.

China has since denied any involvement in the interception, which appeared on Monday; however, industry experts around the world appear convinced that it has all the hallmarks of similar intrusions by the Chinese authorities in the past.