It seems to be a day of stories around easy access to military documents and airport security. After the reports of a hacker getting his hands on sensitive military documents by using a default router password, now is the turn of airport security. Researchers have discovered that by just paying $10, you can buy your way into an airport's security system.
Criminals are reportedly selling this "access" to hacked airport machines through RDP (remote desktop protocol) shops on the dark web. "Once access is purchased, crooks can obtain logins to a victim’s computer system and essentially have full control of it," security researchers at McAfee revealed today.
"Attacking a high-value network can be as easy and cheap as going underground and making a simple purchase."
RDP is a proprietary protocol developed by Microsoft enabling users to access another computer through a graphical interface, something that is actively used by systems administrators. But it can also have disastrous effects if left in the hands of criminals. However, it is the organizations themselves that are leaving their systems open to cheap RDP attacks that can be bought for as low as $10.
“Just as we check the doors and windows when we leave our homes, organizations must regularly check which services are accessible from the outside and how they are secured."
Security researchers wrote that "attackers simply scan the Internet for systems that accept RDP connections and launch a brute-force attack with popular tools" to figure their login details. A complex password and two-factor authentication could make these RDP attacks harder to succeed.
Criminals caught selling access to a major airport's security systems for $10 on the dark web RDP shops
McAfee reported today that they found “access linked to security and building automation systems of a major international airport” for sale through RDP shop. While they haven't disclosed the name of the international airport that was at the center of this sale, the airport has now secured the vulnerable systems.
It isn't immediately clear how criminals initially obtained credentials of airport security systems, but it could have been done through brute-forcing attacks. The fact that anyone could buy their access to a major international airport's security system is worrying, to say the least. From stealing data to more catastrophic attacks - this access could lead to a lot of serious problems. This latest report reveals how one weak link could be used to undermine an entire system or an organization.
Researchers added that the airport wasn't the only sensitive site with weak security. "We also came across multiple government systems being sold worldwide," they write. This includes health care institutions, from hospitals and nursing homes to suppliers of medical equipment.