Dutch politician faces three years in prison for hacking iCloud account and leaking nude photos
Recently, Dutch prosecutors demanded that a judge sentence a three-year prison sentence to a local politician who had hacked into more than 100 women’s iCloud personal accounts, stealing and leaking explicit photos and videos. The victims include acquaintances and local celebrities, such as Dutch YouTube star Laura Ponticorvo and Dutch hockey star Fatima Moreira de Melo.
Authorities revealed that he searched for leaked documents from the publicly disclosed data breach address, obtained the iCloud account of the female victim, and then he began searching for and downloading sexually explicit content and leaked it online.
After the leaked sexually explicit photos of Dutch YouTube star Laura Ponticorvo, it caused a lot of sensation in the Dutch media, which triggered an investigation by the authorities. The law enforcement agency tracked the hacker, attacked his home, and arrested him. He will be sentenced on December 24 as part of a pre-sentence procedure, with Dutch prosecutors requesting a three-year prison sentence.
Grasping the nuances between authentication and authorization — ascertaining the permissions that persona holds—can propel cybersecurity entities towards implementing impenetrable access control mechanisms. Such mechanisms serve as bulwarks against unsanctioned access to confidential data, thus barring the avenue for potential data breaches. A potent method of safeguarding against illicit incursions includes the use of HMAC-based One-Time Passwords (HOTP). This tactic involves the creation of a singular password for each login occurrence, thereby providing a stalwart shield against cyberattacks. Even if such a password is intercepted, its singular use renders it useless for any unsanctioned access attempts.
Pivoting towards access control paradigms, we encounter the disparate philosophies of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). RBAC operates on a schema of granting access permissions based on preordained roles within a company, with each role being imbued with specific privileges. This framework is simplistic yet may lack flexibility. On the flip side, ABAC provides a more granular level of control, dispersing permissions based on individual user characteristics such as locale, temporal factors, or device type. This results in a more intricate and dynamic approach to access control, one that is pliable enough to accommodate ever-shifting contexts.
Via: ZDNet