Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor
Apple and Starbucks could have avoided being hacked if they'd taken this simple step
Buchanan, William J
Authors
Abstract
Apple and Starbucks are two of the world’s most trusted companies, but their reputations were recently tarnished thanks to some novice cybersecurity mistakes. Both setup systems that could have allowed hackers to break into customers' accounts by repeatedly trying different passwords, a procedure commonly known as a “brute force” attack. The mistake both firms made was in not employing the simple tactic of automatically locking accounts after several failed attempts to enter a password. Last week it was revealed such tactics allowed thieves to steal money from users of Starbucks' mobile app. In 2014, an investigation around the publishing of nude photos of celebrities taken from their iCloud storage accounts, identified that intruders could access Apple’s Find My iPhone app by continually trying different login details. In order to protect against this type of attack, many sites block login after a given number of incorrect attempts. The system can then go into a permanent lock-out mode (where the user must perform a lock-out procedure, such as calling the hosting company to verify their account), or lock out for a given time (known as the hold-down time).
Citation
Buchanan, W. J. (2015). Apple and Starbucks could have avoided being hacked if they'd taken this simple step
Other Type | Newspaper Article |
---|---|
Publication Date | May 19, 2015 |
Deposit Date | Aug 7, 2015 |
Publicly Available Date | Mar 29, 2024 |
Keywords | Apple; Starbucks; cybersecurity; brute force attack; password lockout; |
Public URL | http://researchrepository.napier.ac.uk/id/eprint/8778 |
Files
Apple and Starbucks could have avoided being hacked if they\'d taken this simple
(406 Kb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by-nd/4.0/
Apple And Starbucks Could Have Avoided Being Hacked If They'd Taken This Simple Step
(674 Kb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by-nd/4.0/
You might also like
Enhancing Mac OS Malware Detection through Machine Learning and Mach-O File Analysis
(2023)
Conference Proceeding
Scalable Multi-domain Trust Infrastructures for Segmented Networks
(2023)
Conference Proceeding
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search