Hacker Tracker | August In Review

Where are we in the world of cybersecurity? It’s easy to miss the cybersecurity threats and attacks happening right in our “backyard.” Our goal at PK Tech is to educate and offer proactive steps for cybersecurity safety. It’s essential to be aware, without being afraid, of the cybersecurity threats that pose a real risk to your business. PK Tech aims to be a leading educator and support tool in the world of cybersecurity.

Check out our monthly “Hacker Tracker” for the latest in cybersecurity hacks, breaches, and updates…

#1 Critical IoT security camera vulnerability allows attackers to remotely watch live video – and gain access to networks | 8.17.21

  • Security vulnerabilities in millions of Internet of Things (IoT) devices, including connected security cameras, smart baby monitors and other digital video recording equipment, could let cyber attackers compromise devices remotely, watch and listen to live feeds, and compromise credentials to prepare the ground for further attacks.
  • Mandiant, CISA and ThroughTek disclosed a vulnerability in millions of devices that could let attackers watch live camera feeds, create botnets or use hacked devices as a stepping stone to further attacks.
  • The vulnerability is tracked as CVE-2021-28372 and carries a Common Vulnerability Scoring System (CVSS) score of 9.6, classifying it as critical. Upgrading to the latest version of the Kalay protocol (3.1.10) is highly recommended to protect devices and networks from attacks.
  • View the Source

#2 B. Braun updates faulty IV pump after McAfee discovers vulnerability allowing attackers to change doses | 8.24.21

  • McAfee Enterprise’s Advanced Threat Research Team released a new study about vulnerabilities they found with pumps created by German healthcare giant B. Braun. Infusion pumps help nurses and doctors skip time-consuming manual infusions and have gained popularity in recent years as hospitals digitize their systems.
  • According to the study, attackers could take advantage of the vulnerabilities to change how a pump is configured in standby mode, allowing altered doses of medication to be delivered to patients without any checks. 
  • The OS of the pump does not check where the commands it gets are from or who is sending data to it, giving cyberattackers space to attack remotely. The use of unauthenticated and unencrypted protocols also gives attackers multiple avenues to gain access to the pump’s internal systems that regulate how much of each drug needs to go to a patient. 
  • View the Source

#3 21-year-old tells WSJ he was behind massive T-Mobile hack | 8.26.21

  • A 21-year-old Virginia native living in Turkey has admitted to being the main force behind the massive T-Mobile hack that exposed the sensitive information of more than 50 million people.
  • Through Telegram, Binns provided evidence to the Wall Street Journal proving he was behind the T-Mobile attack and told reporters that he originally gained access to T-Mobile’s network through an unprotected router in July. 
  • He had been searching for gaps in T-Mobile’s defenses through its internet addresses and gained access to a data center near East Wenatchee, Washington where he could explore more than 100 of the company’s servers. 
  • From there, it took about one week to gain access to the servers that contained the personal data of millions. By August 4, he had stolen millions of files. 
  • View the Source

Lessons Learned From This Month’s Hacks

  1. With technology constantly advancing, risks continue to emerge and evolve as well. One such risk is with IoT devices. We talk about it more on our blog here. If you have an internet-connected device, educate yourself on the risks. If you are using IoT devices for your business, ask us how to do so safely.
  2. The vulnerability discovered in the B. Braun medical devices holds a warning for medical professionals in all healthcare industries. While networked medical devices are game-changing, they do not come without a new set of risks to be aware of. If you are a hospital or independent medical practice, make sure you invest in a qualified IT security team to monitor and service your digitized devices regularly. Your patients’ health and privacy depend on it.
  3. We learn this from the T-Mobile attack: watch out for disgruntled employees (both current and former) and disgruntled customers. We wrote more about this phenomenon on our blog here. The young man who executed the T-Mobile attack was driven by anger over how he was treated by US law enforcement in recent years. While an attack on T-Mobile as revenge may seem like a stretch, it nonetheless serves as an important lesson for business owners about keeping individuals associated with your business happy, whether they are employees or customers.

Reach out if you have questions here.