Access to major airport's security system offered on dark web for $10
Researchers at McAfee found remote access to a major airport's security system available on the dark web for $10.
Why it matters: The hacked access came from an online market for remote desktop protocol (RDP) accounts, which sell access to hacked accounts in all kinds of systems. "There’s a lot of discussion about sophisticated nation-state attacks, but this was a really cheap way anyone could get access to something," Raj Samani, chief scientist at McAfee, told Axios.
Why so cheap? The RDP market isn't typically about purchasing access to systems to actually use the systems. Instead, buyers pay between $3 and $19 for access to machines based on bandwidth. Those systems are often used for their resources rather than their information.
- That could mean uploading cryptomining software or launching other cyberattacks from the RDP-enabled system.
- When the attacks are based on the information on the system, it's often to hold that information hostage for monetary gain. A $3-$19 dollar account purchased at the market could be used to upload ransomware. "Sam Sam ransomware used this method and cost $40,000 to decrypt data. You do the math," said Samani.
McAfee worked with the airport to plug the security gaps, but RDP access is an often overlooked security threat on systems worldwide.