An airplane flies. Photo: Aviation-images.com/UIG via Getty Images

Researchers at McAfee found remote access to a major airport's security system available on the dark web for $10.

Why it matters: The hacked access came from an online market for remote desktop protocol (RDP) accounts, which sell access to hacked accounts in all kinds of systems. "There’s a lot of discussion about sophisticated nation-state attacks, but this was a really cheap way anyone could get access to something," Raj Samani, chief scientist at McAfee, told Axios.

Why so cheap? The RDP market isn't typically about purchasing access to systems to actually use the systems. Instead, buyers pay between $3 and $19 for access to machines based on bandwidth. Those systems are often used for their resources rather than their information.

  • That could mean uploading cryptomining software or launching other cyberattacks from the RDP-enabled system.
  • When the attacks are based on the information on the system, it's often to hold that information hostage for monetary gain. A $3-$19 dollar account purchased at the market could be used to upload ransomware. "Sam Sam ransomware used this method and cost $40,000 to decrypt data. You do the math," said Samani.

McAfee worked with the airport to plug the security gaps, but RDP access is an often overlooked security threat on systems worldwide.

Go deeper

Updated 1 hour ago - Politics & Policy

Coronavirus dashboard

Illustration: Aïda Amer/Axios

  1. Politics: Senate Democrats block vote on McConnell's targeted COVID relief bill McConnell urges White House not to strike stimulus deal before election.
  2. Economy: Why the stimulus delay isn't a crisis (yet).
  3. Health: New York reports most COVID cases since MayStudies show drop in coronavirus death rate — The next wave is gaining steam.
  4. Education: Schools haven't become hotspots — San Francisco public schools likely won't reopen before the end of the year.
  5. World: Spain becomes first nation in Western Europe to exceed 1 million cases.
2 hours ago - Podcasts

House antitrust chair talks USA vs. Google

The Justice Department filed a 63-page antitrust lawsuit against Google related to the tech giant's search and advertising business. This comes just weeks after the House subcommittee on antitrust issued its own scathing report on Google and other Big Tech companies, arguing they've become digital monopolies.

Axios Re:Cap talks with Rep. David Cicilline (D-R.I.), chair of the subcommittee on antitrust, about Google, the DOJ's lawsuit and Congress' next move.

3 hours ago - Economy & Business

Boeing research shows disinfectants kill virus on airplanes

Electrostatic spraying of disinfectant. Photo: Delta Air Lines

Boeing and researchers at the University of Arizona say their experiment with a live virus on an unoccupied airplane proves that the cleaning methods currently used by airlines are effective in destroying the virus that causes COVID-19.

Why it matters: Deep cleaning aircraft between flights is one of many tactics the airline industry is using to try to restore public confidence in flying during the pandemic. The researchers say their study proves there is virtually no risk of transmission from touching objects including armrests, tray tables, overhead bins or lavatory handles on a plane.