Hackers Sell Access to Airport Security System for Just $10
This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.
Researchers at McAfee’s Advanced Threat Research team uncovered a marketplace where hackers were selling access to a large international airport’s computer and security system for as little as $10.
The team found that stolen log-in credentials, being sold on a Russian dark website, were for the airport’s remote desktop protocol (RDP), which allows employees to log in to the airport’s computers from a remote location.
After more investigation, McAfee tracked the log in credentials being sold to an IP address of what was believed to be a major international airport. They confirmed with the airport, that yes, those were its RDP credentials and could access “systems linked to security and building automation systems.”
Although McAfee’s blog post doesn’t reveal which airport was hacked for security reasons, it says it was located within the US. The airport resolved the issue after McAfee notified it of the intrusion.
McAfee isn’t positive on how the credentials were found, but it thinks the hackers used the “brute-force” method where they continually guessed random passwords until they found the correct one. According to McAfee, brute-force is a common way for hackers to gain access to RDP systems.
McAfee said hackers could have access to “accounts associated with two companies specializing in airport security; one in security and building automation, the other in camera surveillance and video analytics.” Adding that once they were in the system “a compromise could offer a great foothold and lateral movement through the network using tools such as Mimikatz.”
It added a third compromised account is “most likely associated with the airport’s automated transit system, the passenger transport system that connects terminals.” This suggests that the hackers could have possibly affected a system like JFK or SFO’s Airtrain and have even gained access to more areas of the airport’s computer network, including its security systems.
H/T: The Verge
Welcome to The Points Guy!
Earn 90,000 bonus miles after you spend $3,000 in purchases on your new Card in your first 3 months. Offer ends 8/3/2022.
With Status Boost™, earn 10,000 Medallion Qualification Miles (MQMs) after you spend $25,000 in purchases on your Card in a calendar year, up to two times per year getting you closer to Medallion Status. Earn 3X Miles on Delta purchases and purchases made directly with hotels, 2X Miles at restaurants and at U.S. supermarkets and earn 1X Mile on all other eligible purchases. Terms Apply.
- Limited Time Offer: Earn 90,000 bonus miles after you spend $3,000 in purchases on your new Card in your first 3 months. Offer ends 8/3/2022.
- Earn up to 20,000 Medallion® Qualification Miles (MQMs) with Status Boost® per year. After you spend $25,000 in purchases on your Card in a calendar year, you can earn 10,000 MQMs up to two times per year, getting you closer to Medallion® Status. MQMs are used to determine Medallion® Status and are different than miles you earn toward flights.
- Earn 3X Miles on Delta purchases and purchases made directly with hotels.
- Earn 2X Miles at restaurants worldwide including takeout and delivery in the U.S., and at U.S. supermarkets.
- Earn 1X Miles on all other eligible purchases.
- Receive a Domestic Main Cabin round-trip companion certificate each year upon renewal of your Card. Payment of the government imposed taxes and fees of no more than $80 for roundtrip domestic flights (for itineraries with up to four flight segments) is required. Baggage charges and other restrictions apply. See terms and conditions for details.
- Enjoy your first checked bag free on Delta flights.
- Fee Credit for Global Entry or TSA PreCheck® after you apply through any Authorized Enrollment Provider. If approved for Global Entry, at no additional charge, you will receive access to TSA PreCheck.
- Enjoy an exclusive rate of $39 per person per visit to enter the Delta Sky Club® for you and up to two guests when traveling on a Delta flight.
- No Foreign Transaction Fees.
- $250 Annual Fee.
- Terms Apply.
- See Rates & Fees