Fidelity bank banner UBA banner
Hackers sell codes to access airport security systems

By News Express on 16/07/2018

Share on facebook Yahoo mail icon Gmail icon Share on Google+

Views: 288

•Masked Cyber fraudster
•Masked Cyber fraudster

Criminals have been caught selling codes to access an airport’s security systems on the dark web for just £7 ($10/N35,000), according to a new investigation.

The stolen passwords could allow anyone to access the airport’s remote desktop protocol (RDP). This allows employees to work access airport systems outside the local network.

Had the codes fallen into the wrong hands, they could have compromised passenger safety, allowing criminals to create havoc at the airport.

For instance, if hackers had airport RDP access, it would allow them to control security cameras from anywhere in the world. They could also potentially change the airport’s heating, lighting ventilation and air conditioning systems remotely.

The airport affected has not been named and it appears the codes have now been taken offline. The codes were unearthed on the dark web by McAfee’s Advanced Threat Research team.

“[The codes] could allow cybercriminals to do essentially anything they want - create false alerts to the internal security team, send spam, steal data and credentials, mine for cryptocurrency or even conduct a ransomware attack on the organization,’’ McAfee said.

The credentials facilitated control of “systems linked to security and building automation systems’’ according to the worrying report. It’s still unclear how the airport’s credentials were obtained. McAfee suggests the hackers may have used brute force, simply guessing random passwords until they were able to log in. According to researchers, RDP administrators often do not have two-factor authentification to prevent such brute force attacks.

“Remotely accessing systems is essential for system administrators to perform their duties. Yet they must take the time to set up remote access in a way that is secure and not easily exploitable’’, researchers wrote.

‘’RPD shops are stockpiling addresses of vulnerable machines and have reduced the effort of selecting victims by hackers to a simple online purchase’’.

‘‘The dark web contains RDP shops, online platforms selling remote desktop protocol (RDP) access to hacked machines, from which one can buy logins to computer systems to potentially cripple cities and bring down major companies’’, researchers wrote. The airport was not the only system to have been infiltrated. According to the report ‘’multiple government systems’’ and ‘’dozens of connections linked to health care institutions’’ had had their security systems breached. For security reasons, the report did not mention the names of the systems but notified the relevant institutions.

‘‘Governments and organisations spend billions of dollars every year to secure the computer systems we trust’’, researchers wrote.

‘‘But even a state-of-the-art solution cannot provide security when the backdoor is left open or carries only a simple padlock.

‘‘Just as we check the doors and windows when we leave our homes, organisations must regularly check which services are accessible from the outside and how they are secured.’’

How can you protect your information online?

1. Make your authentication process two-pronged whenever possible. You should choose this option on websites that offer it because when an identity-specific action is required on top of entering your password and username, it becomes significantly harder for fraudsters to access your information.

2. Secure your phone. Avoiding public Wifi and installing a screen lock are simple steps that can hinder hackers. Some fraudsters have begun to immediately discount secure phones altogether. Installing anti-malware can also be beneficial.

3. Subscribe to alerts. A number of institutions that provide financial services, credit card issuers included, offer customers the chance to be notified when they detect suspicious activity. Turn those notifications on to stay informed about credit card activity linked to your account.

4. Be careful when issuing transactions online. Again, some institutions offer notifications to help with this, which will alert you when your card is used online. It might also be helpful to institute limits on amounts that can be spent with your card online.

Culled from Daily Trust

Source News Express

Posted 16/07/2018 12:28:28 PM

 

Share on facebook Yahoo mail icon Gmail icon Share on Google+


 

CLASSIFIED ADS

 

You may also like...
How cloud technology can transform IT in Africa,...

NLC, TUC call on Buhari to investigate alleged...

N100B boost coming for Nollywood distribution network: Minister...

Crack Investigator Bala Ciroma takes charge as FCT...

US Embassy resumes consular services in Abuja, apologises...

Wizkid’s jersey designed by Nike sold out in...

DSS denies doctor, family access to Abaribe —...

DPA mobilises for nation-wide boycott of South African...

Super Eagles Coach Salisu Yusuf caught on tape...

Governor’s wife among 25 injured as VIP stand...

Presidential Election: Buhari may step down at the...

Ikpeazu unveils package for Abians for the next...

 

Latest News Boko Haram kills another abducted Red Cross worker, threatens to enslave Leah Sharibu Microsoft co-founder succumbs to cancer Presidency reportedly orders EFCC to detain Fayose indefinitely Kano lawmakers probe alleged bribery by Governor Ganduje How I’ll deliver one million votes for Governor Emmanuel’s second term — Elijah Ifot, Akwa Ibom leader in Lagos 2019: NEFAD endorses Atiku, Umahi 2019 Presidency: Igbo Ekunie berates Southeast PDP for position on Atiku’s choice of Peter Obi as running mate Police summons PDP guber candidate over alleged murder 2019 elections: INEC insists Zamfara APC has no candidate Adeleke to be docked 31 October for exam fraud ASUU splits in two over attack on vice-chancellor of FUOYE Atiku can get our economy working again — Spokesman

 

Most Read NUDE PHOTO OF OMOTOLA JALADE-EKEINDE surfaces online (406,535 views) Nigerian female sex addict opens up, says ‘I like it with both men and women’ (382,234 views) Shameless Genevieve Nnaji exposes breasts in public (314,580 views) Finally named: The full list of friends of Nigerian female sex addict who prowled Facebook (256,586 views) OLUMBA OLUMBA OBU (the one who called himself God) IS DEAD (237,275 views) Igbo scholar disgraces Femi Fani-Kayode •Demolishes claims on Igbo/Yoruba history with facts and figures (224,225 views) Breaking News: POPULAR REVEREND CONVERTS TO ISLAM in Kaduna (Nigeria) (203,968 views) OBJ’s son reported dead in Lagos plane crash •Names of more victims emerge (185,464 views) My wasted years in Olumba Olumba Obu’s Evil Brotherhood (170,011 views) THE FINAL DISGRACE: Igbo scholar unleashes more facts about Igbo/Yoruba history, finishes off Femi Fani-Kayode with second article (165,828 views) Lagos plane crash: Journalist releases victims’ names (161,395 views) Gunmen kill ASP, 2 other police officers in vain bid to kidnap Rivers PDP chieftain (149,215 views)

 

Categories Advertorials (3) African Press Organisation (81) Art & Literature (67) Business & Economy (3,680) Business Verdict (52) Columnists (945) Complaints & Requests (94) Enterprise & Opportunities (207) Entertainment (559) Features (659) Global Business Monitor (304) International (2,530) Interview (165) Live Commentary (28) Love Matters (145) News (39,629) Opinion (1,123) Pidgin (13) Politics (7,230) Religion (880) Sports (1,730) Stock Watch (35) AMA & Al Jazeera Global Update

 

Zenith Zero Balance

NLNG Expression of Interest banner

CBN banner

Firstmobile banner

 

 

NEWS EXPRESS TV

Fulham vs Arsenal 1-5 All Goals & Extended Highlights

 

APO Group Partner

 

 

CLASSIFIED ADS

GOCOP Accredited Member

GOCOP Accredited member

 

 

Africa Media Agency and Al Jazeera

Advertisement