This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. For an explanation of our Advertising Policy, visit this page.
Researchers at McAfee’s Advanced Threat Research team uncovered a marketplace where hackers were selling access to a large international airport’s computer and security system for as little as $10.
The team found that stolen log-in credentials, being sold on a Russian dark website, were for the airport’s remote desktop protocol (RDP), which allows employees to log in to the airport’s computers from a remote location.
After more investigation, McAfee tracked the log in credentials being sold to an IP address of what was believed to be a major international airport. They confirmed with the airport, that yes, those were its RDP credentials and could access “systems linked to security and building automation systems.”
Although McAfee’s blog post doesn’t reveal which airport was hacked for security reasons, it says it was located within the US. The airport resolved the issue after McAfee notified it of the intrusion.
McAfee isn’t positive on how the credentials were found, but it thinks the hackers used the “brute-force” method where they continually guessed random passwords until they found the correct one. According to McAfee, brute-force is a common way for hackers to gain access to RDP systems.
McAfee said hackers could have access to “accounts associated with two companies specializing in airport security; one in security and building automation, the other in camera surveillance and video analytics.” Adding that once they were in the system “a compromise could offer a great foothold and lateral movement through the network using tools such as Mimikatz.”
It added a third compromised account is “most likely associated with the airport’s automated transit system, the passenger transport system that connects terminals.” This suggests that the hackers could have possibly affected a system like JFK or SFO’s Airtrain and have even gained access to more areas of the airport’s computer network, including its security systems.
H/T: The Verge
The American Express Platinum card has some of the best perks out there: cardholders enjoy the best domestic lounge access (Delta SkyClubs, Centurion Lounges, and Priority Pass), a $200 annual airline fee credit as well as up to $200 in Uber credits, and mid-tier elite status at SPG, Marriott, and Hilton. Combined with the 60,000 point welcome offer -- worth $1,140 based on TPG's valuations -- this card is a no-brainer for frequent travelers. Here are 5 reasons you should consider this card, as well as how you can figure out if the $550 annual fee makes sense for you.
- Earn 60,000 Membership Rewards® points after you use your new Card to make $5,000 in purchases in your first 3 months.
- Enjoy Uber VIP status and free rides in the U.S. up to $15 each month, plus a bonus $20 in December. That can be up to $200 in annual Uber savings.
- 5X Membership Rewards® points on flights booked directly with airlines or with American Express Travel.
- 5X Membership Rewards points on prepaid hotels booked on amextravel.com.
- Enjoy access to the Global Lounge Collection, the only credit card airport lounge access program that includes proprietary lounge locations around the world.
- Receive complimentary benefits with an average total value of $550 with Fine Hotels & Resorts. Learn More.
- $200 Airline Fee Credit, up to $200 per calendar year in baggage fees and more at one qualifying airline.
- Get up to $100 in statement credits annually for purchases at Saks Fifth Avenue on your Platinum Card®. Enrollment required.
- $550 annual fee.
- Terms Apply.
- See Rates & Fees