Car Cameras Hackable, UK Water Breach, Thailand Frees Captives
Another week, another cyber news bulletin to make you cyber aware!
Hello people, we are back again on the fourth week of February. In this last bulletin of the month, we are going to talk about the vulnerability of car cameras against hackers, the long-lasting impact of data breaches on critical infrastructure like water utility companies, and the Thai government’s attempt to free cyber captives trapped in illegitimate Myanmar workstations.
Cyberawareness is our motto so that you can sleep in peace, knowing that your hard-earned money and system are safe from the malicious attempts of the threat actors. Stay with us if you wish the same.
Car cameras are susceptible to hacking!
Ever thought that car dash cams can be prone to hacking? No? Then you need to see this!
Hackers can literally hack into your car’s dash cam and gain unauthorized access to your car’s devices. This further gives them complete access to sensitive data such as location data, in-car conversations, and so much more.
This tactic is called drivethru hacking. Threat actors can commit a breach and get access to personal data such as GPS, car information, driver details, video footage, audio clips, etc. A researcher discovered this mind-boggling flaw while connecting his smartphone with his car’s new dash cam. He realized that the recorded video footage belonged to the car parked next to him. He had unrestrained access to sensitive details such as recorded conversations, video footage, and driving routes of that car.
Chen, the researcher, has been working since then with fellow researchers and experts to understand the implications of this dash cam vulnerability on the automobile industry. This research has revealed concerning details. The initial access can provide the threat actor with ample chances for secondary exploits.
For instance, a hacker can further try to gain access to other vehicle systems as well as extract more personal data. They can even try to bypass authentication checks and manipulate the crucial functions of the vehicle. Another huge risk is that such cyber attacks can easily throttle the vehicle battery, leading to the car being completely inoperable.
The best possible way to avoid such unfortunate incidents is to go for secure-by-design principles when it comes to manufacturing car dashcams. The idea is to secure the dashcams and use proper authentication technology at multiple layers and lower down the SSID exposure. To enhance email security and prevent spoofing, implement SPF, DKIM, and DMARC by configuring your domain’s DNS records to authenticate senders, validate message integrity, and enforce email policies
UK Water utility company is facing breach consequences even after 1 year since the attack!
One of the water utility companies in the UK, Southern Water, had to face a cyberattack one year ago. However, the company is still facing the consequences of the cyberattack after so long. A Russian ransomware group named Black Basta claimed responsibility for the attack and managed to penetrate the IT system of the company. Legal advisers, third-party cybersecurity experts, and Southern Water worked closely to minimize the extent of the damage.
In its annual report, the company confirmed the expense of the data breach to be around $5.7 million USD. Prior to the attack, the customer base of the water utility company was 2.7 million. Around 5% to 10% of the same have been affected by the ransomware attack. The company offered a notification letter and one year’s worth of paid Experian credit monitoring to all the victims.
Apart from that, legal fees, security measures, third-party cyber assistance, etc, have added to the overall cost. Experts believe that the total cost may even include the ransom amount of $750,000. As per some leaked chat details, initially, Black Basta demanded $3.5 million, which the company denied.
Thailand attempts to free thousands of cyber captives across cyber sweatshops!
Thai police believe that a whopping 100,000 human trafficking victims are held in captivity in Myanmar. As per the police, these victims are forced to work as threat actors and run cybercrime campaigns from call centers and workstations. The Thai police state that these cybercrime workstations are being run by 40 to 50 Chinese criminal gangs. The victims are forced to carry out a wide variety of attacks, such as cryptomining, fake gaming sites, social engineering, and so on.
Last week, the Thai police carried out a crackdown on these illegal workstations that are situated on the Thailand-Myanmar border. They smartly cut off fuel and electricity supply to these work centers. The operation is seemingly successful as Thai police are expecting a batch of 7000 victims to be released soon from those cybercrime centers in the upcoming months. The victims will first be sent to Thailand. Then, they will go through proper screening methods and, finally, will be sent back to their home countries.
