Technologist - The FindLaw Legal Technology Blog

How to Guard Against iPhone Ransom

Do you ever think about the end of the world and what you can do about it?

Do you build a bomb shelter, like many countries since the nuclear scare of the 1950s? Do you store water and food, like the survivalists awaiting the killer comet or the religious sects waiting for the Second Coming?

Or, if you are like my teenage daughter, do you declare all is lost because the end of the world means losing contacts on her cell phone?

Well, if your cell phone is your life, then the end of the world is coming on April 7, 2017. Here's why and what you can do about it:

Why? The Hackers Are Coming!

According to reports, "The Turkish Crime Family" will reset hundreds of millions of iPhones and delete photos, videos and other personal data on the devices around the world if Apple does not pay a ransom of $100,000 by April 7, 2017. That's right, Dr. Evil -- $100,000 in iTunes gift cards or $75,000 in bitcoin, whatever is more convenient.

Alright, so it sounds like a joke or at least not a very credible threat. And that's how Apple is dealing with it for now because the company says its systems are secure.

But that's no reason to act like the end isn't coming sometime, somehow. If the Russians can hack 1.5 billion Yahoo accounts, then they can hack your Apple account, too.

How? Change Your Settings

Laura Shin, writing for Forbes, said cell phone users should take precautions because cyber-criminals are already hacking phones and holding them for ransom. They don't actually kidnap the phones; they kidnap the phone numbers.

With the number, the perpetrator gets access to online accounts by impersonating the cell phone user with a call to the service provider. The hacker convinces the service representative that the phone was lost, then resets the password and "ports" the number to the hacker's device. Now the thief has control of everything on your phone.

Shin offers three tips to protect against such attacks:

  • Passwords should include random numbers, upper and lower case letters and special characters.
  • Security questions should be answered differently for each online account.
  • Authentication should include an additional security code on those accounts.

Related Resources: