Criminals have been caught selling codes to access an airport’s security systems on the dark web for just £7 ($10), according to a new investigation.
The stolen passwords could allow anyone to access the airport’s remote desktop protocol (RDP).
This allows employees to work access airport systems outside the local network.
Had the codes fallen into the wrong hands, they could have compromised passenger safety, allowing criminals to create havoc at the airport.
For instance, if hackers had airport RDP access, it would allow them to control security cameras from anywhere in the world.
They could also potentially change the airport’s heating, lighting ventilation and air conditioning systems remotely.
The airport affected has not been named and it appears the codes have now been taken offline.
Scroll down for video
Criminals have been selling codes to access airport security systems on the dark web for just £7 ($10), according to a new investigation (stock image)
The codes were unearthed on the dark web by McAfee’s Advanced Threat Research team.
‘[The codes] could allow cybercriminals to do essentially anything they want – create false alerts to the internal security team, send spam, steal data and credentials, mine for cryptocurrency or even conduct a ransomware attack on the organization,’ McAfee said.
The credentials facilitated control of ‘systems linked to security and building automation systems’ according to the worrying report.
It’s still unclear how the airport’s credentials were obtained.
McAfee suggests the hackers may have used brute force, simply guessing random passwords until they were able to login.
According to researchers, RDP administrators often do not have two-factor authentificiation to prevent such brute force attacks.
‘Remotely accessing systems is essential for system administrators to perform their duties. Yet they must take the time to set up remote access in a way that is secure and not easily exploitable’, researchers wrote.
‘RPD shops are stockpiling addresses of vulnerable machines and have reduced the effort of selecting victims by hackers to a simple online purchase’.
Access to building automation and transit and surveillance systems was being sold, meaning cybercriminals could ‘do essentially anything they want’ (stock image)
‘The dark web contains RDP shops, online platforms selling remote desktop protocol (RDP) access to hacked machines, from which one can buy logins to computer systems to potentially cripple cities and bring down major companies’, researchers wrote.
The airport was not the only system to have been infiltrated.
According to the report ‘multiple government systems’ and ‘dozens of connections linked to health care institutions’ had had their security systems breached.
For security reasons, the report did not mention the names of the systems but notified the relevant institutions.
‘Governments and organisations spend billions of dollars every year to secure the computer systems we trust’, researchers wrote.
‘But even a state-of-the-art solution cannot provide security when the backdoor is left open or carries only a simple padlock.
‘Just as we check the doors and windows when we leave our homes, organisations must regularly check which services are accessible from the outside and how they are secured.’
HOW CAN YOU PROTECT YOUR INFORMATION ONLINE?
Because hackers are becoming more creative, security experts are warning that consumers need to take all possible measures to protect their identities (file photo)
- Make your authentication process two-pronged whenever possible. You should choose this option on websites that offer it because when an identity-specific action is required on top of entering your password and username, it becomes significantly harder for fraudsters to access your information.
- Secure your phone. Avoiding public Wifi and installing a screen lock are simple steps that can hinder hackers. Some fraudsters have begun to immediately discount secure phones altogether. Installing anti-malware can also be beneficial.
- Subscribe to alerts. A number of institutions that provide financial services, credit card issuers included, offer customers the chance to be notified when they detect suspicious activity. Turn those notifications on to stay informed about credit card activity linked to your account.
- Be careful when issuing transactions online. Again, some institutions offer notifications to help with this, which will alert you when your card is used online. It might also be helpful to institute limits on amounts that can be spent with your card online.
http://www.dailymail.co.uk/sciencetech/article-5946245/Hackers-caught-selling-codes-access-AIRPORT-security-systems-dark-web-just-7.html?ITO=1490&ns_mchannel=rss&ns_campaign=1490 Source: MailOnline | Copyright © MailOnline, All Rights Reserved