McAfee researchers found that airport system credentials are sold in dark web for $10

Airport system password for sale $10
Researchers at McAfee's Advanced Threat Research found that credentials for the system at large international airports are sold in dark web for the US $10. Airport administrator credentials to confirm that it is correct.

Credentials that will give you control of your security systems and building automation. Airport parties resolve this issue after being contacted by McAfee. The researchers did not mention the name of the airport for security reasons.

The information stolen credentials can be used on the RDP (Remote Desktop Protocol), which allows employees to work through the computers outside the local network. The credentials of the RDP is the driveway that is perfect for the cybercriminal.

Over the years, malware such as ransomware SamSam using RDP credentials to penetrate the security system.

However, it is still unknown how the credentials for this airport could RDP leaked. The researchers suspect the attacker using a brute force method, i.e., random passwords are tried en masse until they find the appropriate credentials.

A brute force attack on the RDP login portal is an attack that is commonly performed. The reason is that the administrator RDP is usually relatively slow in adopting technology such as two-factor authentication, which may prevent an attack using brute force.


No comments