Tag Archive for: Cybercrime
Hackers breached Colonial Pipeline with one compromised password | Cybercrime News
The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack.
Hackers gained entry into the networks of Colonial Pipeline Co. on April 29 through a virtual private network account, which allowed employees to remotely access the company’s computer network, said Charles Carmakal, senior vice president at cybersecurity firm Mandiant, part of FireEye Inc., in an interview. The account was no longer in use at the time of the attack but could still be used to access Colonial’s network, he said.
The account’s password has since been discovered inside a batch of leaked passwords on the dark web. That means a Colonial employee may have used the same password on another account that was previously hacked, he said. However, Carmakal said he isn’t certain that’s how hackers obtained the password, and he said investigators may never know for certain how the credential was obtained.
The VPN account, which has since been deactivated, didn’t use multifactor authentication, a basic cybersecurity tool, allowing the hackers to breach Colonial’s network using just a compromised username and password. It’s not known how the hackers obtained the correct username or if they were able to determine it on their own.
“We did a pretty exhaustive search of the environment to try and determine how they actually got those credentials,” Carmakal said. “We don’t see any evidence of phishing for the employee whose credentials were used. We have not seen any other evidence of attacker activity before April 29.”
Colonial paid the hackers, who were an affiliate of a Russia-linked cybercrime group known as DarkSide, a $4.4 million ransom shortly after the hack [File: Samuel Corum/Bloomberg]Ransom Note
A little more than one week later, on May 7, an employee in Colonial’s control room saw a ransom note demanding cryptocurrency appear on a computer just before 5 a.m. The employee notified an operations supervisor who immediately began to start the process of shutting down the pipeline, Colonial Chief Executive Officer Joseph Blount…
Physical World Hacking – the New Frontier of Cybercrime | Kenny Sahr
Cybercrime cost businesses and governments over $1 trillion in 2020, according to security software company McAfee. When we speak of cybercrime, we refer to damage to digital assets – computer files. Cybercrime is quickly moving from the digital world to the physical world.
Our Connected World
Over the past few years, more and more “things” are being connected. Smartphones are connected to the newly-minted smart home via light bulbs and appliances. Factories are adding internet connected parts and machinery. Cars are increasingly run by software. The COVID pandemic is accelerating the trend as people work at home and gain access to physical assets (and not just files) from factories that until recently were “air-gapped” (not connected to networks).
Imagine this scenario: a factory manager has access to a boiler from his home office. He ignores IT cybersecurity rules and a hacker gains access to his laptop. The hacker can theoretically raise the temperature of the boiler and cause damage to physical assets and people.
The Dangers of Hacking the Physical World
Criminal hackers are well aware of the new frontier of physical world hacking. The general public is not. The goal of this article is to inform you of what to expect in the coming years. Cybercrime is dangerous enough today. Adding the element of harming people and “stuff” takes cybercrime to a whole new level. I hope society is ready for the wave that is coming.
Let’s take a quick look at the future of cybercrime.
Automotive Hacking
Imagine hackers capable of distracting drivers. It is enough to generate flashing lights on the dashboard in order to wreak havoc. How about changing code on the software that runs your brakes? Cars are especially vulnerable for two reasons –
1. Cars move fast and can harm drivers, passengers and pedestrians
2. It is not easy to update the software or operating system of a car
The roads are dangerous enough without the added risk of hacking. Furthermore, unlike your phone or laptop, it is not easy to update a car’s software. On our personal devices, it just takes a few clicks in order to fix a vulnerability. For a car, today this translated into a recall – bringing an…
