An audit of Inmarsat's AmosConnect 8 (originally sold by Stratos Global, now an Inmarsat division) reveals that the ship-to-satellite internet product has a deliberate hidden backdoor -- and an accidental SQL code-injection vulnerability -- that allows anyone in the world to take over all, interrupt, and/or spy on the internet access on many of the world's largest ships and oil rigs.
Amosconnect 8 reached its end-of-life in June 2017, and will no longer receive any patches, meaning these vulnerabilities will remain intact until all affected systems are replaced, which is to say, indefinitely.
The function that grants backdoor access is called "authenticateBackdoorUser."
Apparently, internet communications packages are isolated from internal ship networks that control steering, navigation and propulsion. However, access to the ship's internet would be a boon to pirates and state actors wishing to monitor ships' communications and learn about cargoes, destinations, and locations.
"Essentially anyone interested in sensitive company information or looking to attack a vessel's IT infrastructure could take advantage of these flaws," Ballano said. "This leaves crew member and company data extremely vulnerable, and could present risks to the safety of the entire vessel. Maritime cyber security must be taken seriously as our global logistics supply chain relies on it and as cyber criminals increasingly find new methods of attack."
Backdoor Account Found in Popular Ship Satellite Communications System
[Catalin Cimpanu/Bleeping Computer]
It's been less than a year since a public-spirited hacker broke into the servers of Florida stalkerware vendor Retina-X, wiping out all the photos and data the company's customers had stolen from other peoples' phones (including their kids' phones) by installing the spying apps Phonesheriff on them.
A pair of researchers from Toronto's storied Citizen Lab (previously) have written an eye-opening editorial and call to action on the ways that repressive states have used the internet to attack dissidents, human rights advocates and political oppositions -- and how the information security community and tech companies have left these people vulnerable.
Radiflow reports that they discovered cryptojacking software -- malware that mines cryptocurrency -- running in the monitoring and control network of an unnamed European water utility, the first such discovery, and a point of serious concern about the security and integrity of critical infrastructure to both targeted and untargeted attacks.
When it comes to redesigning or renovating a living space, envisioning changes before they occur can be tricky for most. Thankfully, the web is home to tools that can remove some of the guesswork, like Live Home 3D Pro for Mac. This app lets you create detailed and furnished floor plans for everything from sheds and […]
For many startups and fledgling businesses, web hosting — and the fees associated with it — can take a sizeable chunk out of the company budget and limit growth down the road. But, that’s not to say there aren’t hosts out there who can get your site online while staying within your budget. Arch Hosting is a […]
The web is a big place, but it’s by no means infinite where domain names are concerned. New domain seekers, in particular, are feeling the burn as .com domain names become increasingly saturated, forcing many to choose a second-rate domain name or rename their brand entirely.Opting for a .tech domain not only affords you a […]