3.1.2020 – Cyber News Update

Welcome to the CyberCure transcript.

This article/podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes.

The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.

In a recent podcast we covered Ring, a company owned by Amazon. Ring manufactures a range of home security products that incorporate outdoor motion-detecting cameras, such as the Ring Video Doorbell and other internet-connected home cameras.

An increasing number of cyber security incidents involving Ring-made devices led the company to release a statement saying that nothing is wrong with the devices’ security and that it is up to the clients to make sure they have decent protection using two-factor authentication.

The default protection of the devices is so low that hackers built and published automatic apps that work as scrapers to guess passwords for Ring devices.

The new development in this story is a class action lawsuit filed by Alabama resident John Baker Orange. Orange claims a hacker talked to his children through his Ring camera while they were outside playing basketball.

The lawsuit holds Ring responsible for damages due to negligence, invasion of privacy, breach of the implied warranty, breach of the implied contract, unjust enrichment and unfair competition. The total aggregated claims of class members in the suit exceed $5 million. If you have a Ring-made device, pay attention to this lawsuit; you might be eligible for some compensation if the plaintiffs manage to win.

We will continue to follow the story as it develops.

NASA is a very attractive target for cyber attacks.

Earlier this year it was reported that hackers breached the NASA network and were able to steal Mars mission data. The infiltration was only spotted and stopped after the hackers had roamed the network undetected for almost a year.

NASA’s official report concluded that hackers were able to gain unauthorized access to the JPL network and steal valuable data regarding one of its major mission systems, such as the Curiosity rover.

It turns out that the hackers exploited an outdated Raspberry Pi, which was attached to the JPL network without authorization and was used as a launch pad for getting inside and moving laterally across the network. 

Raspberry Pi is a series of small single-board computers developed in the United Kingdom to promote the teaching of basic computer science in schools and in developing countries. These small computers can be easily attached to existing networks and are often used by developers to test software prototypes. Since they cost nearly $25, they are very affordable and common.

“Over the past 10 years, JPL has experienced several notable cybersecurity incidents that have compromised major segments of its IT network,” the report said.

The report points to several vulnerabilities in the network that allowed the hackers to penetrate it and stay inside for a long time.

Also affected were systems involved in NASA’s Deep Space Network. 

This ultimately prompted security teams from the Johnson Space Center, which manages the International Space Station, to disconnect from the gateway due to fears that “cyberattackers could move laterally from the gateway into their mission systems, potentially gaining access and initiating malicious signals to human space flight missions that use those systems”.

The report continues and notes that JPL had not implemented a threat hunting program to “aggressively pursue abnormal activity on its systems for signs of compromise”, relying instead on “an ad hoc process to search for intruders”.

If JPL had used threat intelligence to gather indicators of attackers, they could have easily spotted the intruders in a much shorter time and prevented such a leak of data.

That’s it for this podcast, stay safe and see you in the next podcast.

Don’t forget to visit www.cybercure.ai for the latest podcasts on cyber intelligence.

