Recorders **** *** ********** *******
** ********* ********* *********, *** ****** ******* ******* *** two ******** **** ****** ********* ** launch ** ***** **** ******** ** distribute **********. *** ********** ******* **** launched **** *** *********** ******** ** an ******* ** *** ******* ** disguise ***** ****** ******** *** **** it ****** ** ** ****** ** authorities.

Hackers *** ********** ** ************ *** *******
***** ** ** ******** **** ****** to *** ******* ************ ********* ************ equipment, ** *******, *** *** **** **** any ******** ** *** **** ** recorded ***** ** *** *********. ** is ****** *** ******* **** ******* the ******* **** ***** *** ******** by *** *** *** **** *** city ************, ** *** **** **** aware ** ****, **** ***** **** likely ****** ** *** ******** **** would ** **** ****** ** ***** an ************* ********.
Equipment ****
** ********* ** ********** ** ***'* ************ *********, *** ******* ********** ** *** system ****:
Integrator *****
*****, *** **********/*** **** ***** *** systems **** ** *** *** *********** ** ******* ** ****. *********** *********, ***** ********** ********** ** "*** ******'* premier ******** ** **-************ ********* **** wireless ********", *** "********** *******":

****** ***********, **************, *** ******* **********-******** customers **** *****'* ****** ******** ****.
Remote ******* ****** ********* *******
*** (****** ******* ********) *** **** by *** ******* *** ****** ******* of *** ****** *********. ****** *** installed ** *** *******, *** *** blocked ** * ******** *** ****** the ******'* ******* ********** ** ********* these *******. ** ***** ********** ** cyber-criminals, *** ****** ******* ***** *** following **** ** *** ** *** hackers, ******* *** "*********" ** ******** with *** *******:

Low **** ******* **** ** ***** *******
********** *** ******* **** ****** ** using ******** ***** ** **** ** the ****** *********, *** ******* ***** accounts **** ** **** *******. *** Secret ******* *** **** ** **** ***** email ******** ** ***** ********, *** access ** ******* **** ****** *** other *********, ***** ********** *** **** ** the ******* ****** ********** *** *********. Based ** *** *********** ** *** Secret ******* ******, *** ******* **** moderate, *** *** *********, ***** ** conceal ***** ********** *** ********, *** were ******** ********* ******* ***** *******, and *** *** ****** ** *** kind ** **** **** ******** *******.

************, ******* ******** ** **** *** information **** ** *** *********, *** Secret ******* *** **** ** ******** some ******* ** *** *******, *** contacted ***** ******* ** ******** ********** details **** ****** ** ******** *** hackers:

Responsibility ** ******* *** ***********
***** **** ********* * *********** ****** involved:
- ******* ******* *** *** ********** **** ******* settings *** ******** ** *** ******* OS, ******** *** ******* ** **** risk. ******* *** ***** ******* ******** **** ******* settings *** *** ********** *** **** for ********* ** ****** ********* *************** for ***** ******* [**** ** ****** available].
- *** ******* **** **** ******** ********** and *** *** *** * ***, a ******* ********* ** ************** ******* ****. *** *** ****** ***** ************ system, *** ********* *** ** *******, exposing *** ******* ** ****** ****** was * ***** *******. *****'* ***** led ********* ** ******* **** **** were ********** ****-**-***** *** *******-***** ********* optimized *** **** ******** ************, **** in **** **** ******** ******* **** multiple *************** ******* *** ********* ******* settings *** **** ** ****** ************.
Comments (8)
Undisclosed #1
Yes, just targeting Windows.
Undisclosed Integrator #3
This will probably be enough to get my boss to listen to me. Thanks for sharing.
John Day
I'm floored that the customer didn't require the contractor to use a VPN and that the hackers used RDP to get in - that's almost as low tech as using default passwords!
At what point do we actually use the word "negligent"? What I'd love to know is whether there was anything in the specification requiring any baseline of network security or whether this was purely the integrator leaving the system open.
Unfortunately whoever is at fault would probably claim (correctly) that this is an accepted practice in the security business.
John Day
Both are an issue - if the bad guy knows RDP vulnerabilities then he can probably get everything he needs to know off a service like Shodan. A hack using RDP would likely give the bad guy full control of the system in question - a hack of a camera would usually only give you access to the device.
Which is more vulnerable? Based on a quick Shodan search, cameras are certainly more plentiful... an RDP hack would be more destructive.
The issue with this is that anything (like RDP) that isn't essential to the operation of the system should be blocked by the firewall.