The Potential Dark Cloud on Apple’s Horizon: Security

by Brad Moon | April 3, 2013 9:52 am

Many of those who know me think I’m a bit paranoid when it comes to computer security.

I appreciate the benefits of the cloud and take full advantage of what cloud computing offers, but I’m wary. All of my data — everything from documents to digital photos, music, e-books and movies — is backed up on physical media, multiple times and in multiple locations. I shop online (taking whatever precautions I can) and, as someone who’s invested heavily in the Apple (NASDAQ:AAPL[1]) ecosystem, I buy much of my digital content through Apple’s iTunes.

But I’m a little uneasy about the growing importance of the cloud compared to its vulnerabilities.

Apple has become a leading online retailer of digital media and has focused considerable energy and resources on the cloud — not just its iCloud service, but also cloud-based functions like Siri and iMessage. A whole lot of integrated Mac and mobile functions are now tied up in the cloud, not to mention loads of personal information and financial data. Apple customers increasingly buy, store and share stuff online.

Threats to Apple’s continued dominance in the consumer electronics industry include consumer indifference, missing the boat in China or being beaten to the market for a new device category like a smartwatch[2]. Any of these problems can cause damage over the long-term, but they are nothing compared to what could happen if Apple’s cloud were to suffer a security breach.

A breach is the “Titanic” scenario that could do instant, irreparable harm to Apple’s reputation, crippling its services and devices while halting digital media sales (and possibly customer access to their data).

One need look no further than Sony (NYSE:SNE[3]), another consumer electronics giant, to see the effects of a Titanic scenario. When that company’s PlayStation Network was hacked in 2011[4], it resulted in credit card information for 77 million customers being exposed, took the PlayStation Network offline for more than a month (meaning PS3 owners couldn’t buy online games, play online games or download content) and cost Sony $171 million in direct costs.

The attack did considerable harm to Sony’s reputation at a time when it could hardly afford the hit. It further damaged Sony’s already-hurting bottom line[5] and likely cost it much more than that $171 million when you throw in customers lost to the competition, damage to the game developer community and other factors.

Don’t think Apple is immune to this kind of disaster. It has a reputation for doing things right, but we’ve already seen cracks in the wall, including iMessage downtimes, server-related Siri shortcomings and the well-publicized experience of Wired’s Matt Honan[6]. Honan’s Apple ID was hacked, which allowed perpetrators to remotely erase data on his iPhone, IPad and MacBook.

Apple has spent much of the past year repeatedly plugging security holes[7], putting out iMessage and FaceTime outage fires[8], and assigned fix-it guy Eddy Cue (SVP of Internet services) to tackle Siri’s issues[9].

Apple’s stock is down 30% compared to this time last year because its iPhone and iPad sales aren’t doing quite as spectacular as hoped. Imagine what could happen if iMessage or Siri went down for an extended period; if customers couldn’t access the iTunes store for days or weeks; or if millions of customer IDs, credit card numbers and purchase histories were exposed. What if there were a wave of Matt Honans, with their iDevices and Macs wiped and their data gone?

Any disruption to the iTunes Store would hurt Apple. It makes money selling content — up to $2 billion yearly[10], which might not be a huge percentage of its overall profits but is still a significant source of income. Indeed, iTunes and the App Store have become so central to the Apple experience that iPods, iPhones, iPads, Apple TVs and even Macs (which now buy and download desktop OSX applications from the App Store) depend on that access.

And the direct monetary loss would likely be the least of Apple’s worries. Google (NASDAQ:GOOG[11]), Samsung (PINK:SSNLF[12]), Microsoft (NASDAQ:MSFT[13]), BlackBerry (NASDAQ:BBRY[14]) and other competitors on the mobile and PC front would be all over a damaged Apple — at the consumer, enterprise and content creator levels — and the company’s brand would take a serious hit.

No one is saying that Apple is on the verge of a major hacking or services outage disaster, but the calls for Apple to take cloud security more seriously[15] are increasing. Maybe a fingerprint identification scheme courtesy of its 2012 purchase of AuthenTec[16] is in the cards. No matter what, there’s a growing sense of urgency or the company to do something.

After all, there are a lot of icebergs out there.

As of this writing, Brad Moon did not hold a position in any of the aforementioned securities.

Endnotes:
  1. AAPL: http://studio-5.financialcontent.com/investplace/quote?Symbol=AAPL
  2. new device category like a smartwatch: http://investorplace.com/2013/02/the-right-time-for-an-apple-smartwatch/
  3. SNE: http://studio-5.financialcontent.com/investplace/quote?Symbol=SNE
  4. PlayStation Network was hacked in 2011: http://ca.ign.com/articles/2012/04/21/one-year-later-reflecting-on-the-great-psn-outage
  5. already-hurting bottom line: http://investorplace.com/2012/02/can-kazau-hirai-navigate-sonys-sea-of-red-sne-aapl-amzn/
  6. well-publicized experience of Wired’s Matt Honan: http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/
  7. plugging security holes: http://www.theverge.com/2013/3/22/4137722/apple-brings-password-page-back-online-after-fixing-security-exploit
  8. putting out iMessage and FaceTime outage fires: http://www.pcmag.com/article2/0,2817,2412272,00.asp
  9. Siri’s issues: http://investorplace.com/2012/03/whats-up-with-siri-aapl-goog/
  10. up to $2 billion yearly: http://qz.com/66193/apple-is-finally-making-money-on-content/
  11. GOOG: http://studio-5.financialcontent.com/investplace/quote?Symbol=GOOG
  12. SSNLF: http://studio-5.financialcontent.com/investplace/quote?Symbol=SSNLF
  13. MSFT: http://studio-5.financialcontent.com/investplace/quote?Symbol=MSFT
  14. BBRY: http://studio-5.financialcontent.com/investplace/quote?Symbol=BBRY
  15. Apple to take cloud security more seriously: http://www.theverge.com/2013/3/29/4158594/password-denied-when-will-apple-get-serious-about-security
  16. 2012 purchase of AuthenTec: http://venturebeat.com/2012/07/27/apple-buys-authentec-356m/

Source URL: http://investorplace.com/2013/04/the-potential-dark-cloud-on-apples-horizon-security/
Short URL: http://invstplc.com/1nxZ41B