Criminals have been caught selling codes to access an airport’s security systems on the dark web for just £7 ($10), according to a new investigation.
The stolen codes could allow anyone to access the airport’s remote desktop protocol (RDP), allowing them to control security cameras from anywhere in the world.
They could also potentially allow hackers to change the airport’s heating, lighting ventilation and air conditioning systems remotely.
Had they codes got into the wrong hands, they could have compromised passenger safety, allowing criminals to create false security alerts and cause havoc at an airport.
The airport has not been named and it appears the codes have now been taken offline.
Criminals have been selling codes to access airport security systems on the dark web for just £7 ($10), according to a new investigation (stock image)
According to a report by researchers at McAfee’s Advanced Threat Research team, the attackers probably guessed random passwords en masse until they successfully obtained the major international airport’s credentials.
The credentials facilitated control of ‘systems linked to security and building automation systems’ according to the worrying report.
Criminals managed to get the credentials for the airport’s RDP.
This allows employees to work remotely using computers outside the local network.
According to researchers, RDP administrators have not been good at using things like two-factor authentificiation to prevent such attacks.
‘Remotely accessing systems is essential for system administrators to perform their duties. Yet they must take the time to set up remote access in a way that is secure and not easily exploitable’, researchers wrote.
‘RPD shops are stockpiling addresses of vulnerable machines and have reduced the effort of selecting victims by hackers to a simple online purchase’.
Access to building automation and transit and surveillance systems was being sold, meaning cybercriminals could ‘do essentially anything they want’ (stock image)
The issue has now been resolved and researchers have not named the airport for security reasons.
‘The dark web contains RDP shops, online platforms selling remote desktop protocol (RDP) access to hacked machines, from which one can buy logins to computer systems to potentially cripple cities and bring down major companies’, researchers wrote.
The airport was not the only system to have been infiltrated.
According to the report ‘multiple government systems’ and ‘dozens of connections linked to health care institutions’ had had their security systems breached.
For security reasons, the report did not mention the names of the systems but notified the relevant institutions.
‘Governments and organisations spend billions of dollars every year to secure the computer systems we trust’, researchers wrote.
‘But even a state-of-the-art solution cannot provide security when the backdoor is left open or carries only a simple padlock.
‘Just as we check the doors and windows when we leave our homes, organisations must regularly check which services are accessible from the outside and how they are secured.’
HOW CAN YOU PROTECT YOUR INFORMATION ONLINE?
Because hackers are becoming more creative, security experts are warning that consumers need to take all possible measures to protect their identities (file photo)
- Make your authentication process two-pronged whenever possible. You should choose this option on websites that offer it because when an identity-specific action is required on top of entering your password and username, it becomes significantly harder for fraudsters to access your information.
- Secure your phone. Avoiding public Wifi and installing a screen lock are simple steps that can hinder hackers. Some fraudsters have begun to immediately discount secure phones altogether. Installing anti-malware can also be beneficial.
- Subscribe to alerts. A number of institutions that provide financial services, credit card issuers included, offer customers the chance to be notified when they detect suspicious activity. Turn those notifications on to stay informed about credit card activity linked to your account.
- Be careful when issuing transactions online. Again, some institutions offer notifications to help with this, which will alert you when your card is used online. It might also be helpful to institute limits on amounts that can be spent with your card online.