Saturday September 21, 2019
Hackers Gain Access to Internal Files of US-Based Cyber Security Company

According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company's OneDrive


Using an email address and password mistakenly exposed on the Internet, a hacker gained access to the internal files of US-based cyber security company Comodo, bringing the credibility of the company under question.

The credentials were found in a public GitHub repository owned by a Comodo software developer, TechCrunch reported on Saturday. The account was not protected with two-factor authentication, and with the email address and password in hand, the hacker could enter the company’s Microsoft-hosted Cloud services. The leaked credentials were discovered by Netherlands-based security researcher Jelle Ursem, who reached out to Comodo Vice-President Rajaswi Das.

According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company’s OneDrive and the company’s organisation graph on SharePoint, allowing him to see the team’s biographies, contact information, like phone numbers and email addresses, photos, customer documents and calendar.

Screenshots of folders containing agreements and contracts with several customers — with names of customers in each filename, such as hospitals and US state governments.

“Seeing as they’re a security company and give out Secure Sockets Layer (SSL) certificates, you’d think the security of their own environment would come above all else,” the report quoted Ursem as saying. Earlier this year, Ursem found a similarly exposed set of internal Asus passwords on an employee’s public GitHub account. (IANS)

India Ranks Sixth Country in the World for Highest Cyber Attacks on Pharma Firms

Widely-used EMR-systems open wider entry points for hackers targeting hospitals, said the report

India is the sixth country in the world where more and more pharmaceutical companies are being targeted by cyber criminals, a new report said on Sunday.

Nearly 45 per cent of machines in Indian pharmaceutical organisations — more than four in 10 devices — were detected with malicious attempts, said cyber security firm Kaspersky.

From 44 per cent of machines infected in 2017 and a 1 per cent increase in 2018, this year’s number of detected attempts shows that nearly 5 in every 10 devices inside a pharmaceutical facility are now being targeted globally.

Among the countries that logged the highest number of attacks are Pakistan (54 per cent), Egypt (53 per cent), Mexico (47 per cent), Indonesia (46 per cent) and Spain (45 per cent), with India in sixth position.

“While it is a known fact that money-hungry cybercriminals can easily earn by attacking banks, we also observe that these hackers as well as cyberespionage groups are slowly paying a lot of attention towards the industry of advanced medicine,” said Yury Namestnikov, Head of Global Research and Analysis Team (GReAT) Russia at Kaspersky.

“They are slowly realising that pharmaceutical companies house a treasure trove of highly valuable data such as the latest drugs and vaccines, the newest researches, as well as medical secrets,” he added.

The rise of internet-connected operational technology (OT) inside these pharmaceutical companies also contributes to the widening attack surface in this sector.

The Advanced Persistent Threat (APT) groups that have been conducting sophisticated espionage against pharmaceutical companies globally include Cloud Atlas and APT10, also known as MenuPass.

“Their attack techniques and behaviour also prove that these attackers’ apparent goal is to get their hands on intellectual properties related to the latest medical formulas and research results as well as the business plans of their victims,” added Namestnikov.

In his own research, Denis Makrushin, Security Architect at Ingram Micro, revealed the risks that come along with the steady migration of hospitals from paper-based data storage to electronic medical record (EMR) systems.

Widely-used EMR-systems open wider entry points for hackers targeting hospitals, said the report. (IANS)