Reports last week disclosed how the iPhone keeps a record of your physical location. A worrying scenario which Rob Rachwald, Director of Security Strategy for Imperva warns; “has deeper implications, than may first appear, as hackers could exploit your movements.”
Pete Warden, one of the researchers who discovered the capability said: “Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you've been."
Rob explains, “Although data privacy is an issue i.e., Apple doing something immoral with user location information, a bigger concern is hackers. We all know, hackers are innovators and will quickly jump all over iPhones to devise attacks using geo location.”
So, what could possible hacks look like?
Commercial hackers - interested in making money would use geo location for localised scams. They could develop malware, for example, to focus French scams in Quebec. Attacks could be even further targeted to offer scams that come from a local café or restaurant you visit: "Send us $100 now and we'll give you a free Armani suit next week."
Government-sponsored hackers (APT) could use this information to help track the movement of key people they’d like to follow. For example, let's say a government wants to find out the location of an adversary's secret facility (lab, intelligence centre, etc...). They know the employees who work there, but not the location. In this case, hackers would develop malware, target specific people's iPhones and then by monitoring their frequent routes and destinations an informed ‘guess’ could be made.”