Clicking on the nude photos of celebrities that have been leaked online could expose curious Internet users to an "absolute world of hurt" by putting their own private information at risk, says one expert.
Leaked nude photos of more than 100 celebrities have many wondering how it happened and if the average person should be worried about the privacy of their online information.
While there are a number of steps Internet users can take to protect their photos, videos and other personal files, the most important precaution is to stay away from links claiming to reveal the compromised celebrity images.
"In many cases those photos have been put on websites that are loaded with malware, and the instant that you click on them you're not taken to the site with the photo, you're in fact taken to a site that takes software, installs it on your computer and the next thing you know you're being hacked," tech analyst Carmi Levy told CTV's Canada AM.
"So, don’t follow those links home, don't take the bait. It will get you into an absolute world of hurt."
After reports the images were obtained through a hack of Apple’s iCloud service, the California-based technology giant has yet to comment on the breach, or even confirm that the photos were indeed taken from its servers. The company is expected to issue a statement later Tuesday.
Hackers were likely able to exploit a weakness in the iCloud’s security by "repeatedly" trying to access users’ accounts without raising any alarms.
"We call it a brute force attack," Levy said. "It's almost like somebody standing at your front door and trying to pick your lock again and again and again. And the trick here is it makes no sound, it’s completely invisible. You have no idea you are being hacked until in fact they break in."
The hole that left the iCloud vulnerable to a breach has been patched, Levy said, so Apple users need not fear. However, users should get familiar with the settings on their devices, from phones to tablets, as well as their services, so they understand how much of their data is ending up in a storage cloud service.
If the device is set to automatically sync with remote servers, for example, then every photo will end up there without further notifications.
Even if the celebrities who were victims of the hack deleted the photos from their phones, they still exist somewhere because the cloud services often make multiple backup copies, according to University of Calgary computer science professor Tom Keenan.
Keenan explained that iCloud is as safe as all the other cloud services, but the key is picking a strong password that you don't use on any other service. Perhaps even more important is taking advantage of a two-step authentication process, which sends a text to your phone each time you log in.
Or, if you want to be totally safe, keep your files away from the cloud.
"Everyone should be concerned about any documents they let out of their control," he told CTV News. "If you really want to keep it secret, keep it on your own computer."
As for the celebrities who have already been hacked, Keenan said they don't have much recourse. Right now, no one knows who posted the photos originally, but those who repost may be sued.
"There is no way for Jennifer Lawrence to get those pictures back," he said.
If you fear your photos or information may be at risk, here is a quick way to disable Apple iCloud:
- Go to the settings menu on your iPhone or iPad.
- Open the 'iCloud' category.
- Open the photos option.
- Switch off Photostream.
- Repeat on other Apple devices.
Keep in mind that even taking strict precautions may not protect you entirely from a security breach. Every company with an online presence is vulnerable: witness the recent breaches at Canada Revenue Agency, Google and Target, among others.
"This is our new normal, and don’t think it’s going to stop here," Levy said. "In another week, another couple of weeks, there will be more headlines from some other break-in."