fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Ubiquiti Cyberattack May Be Far Worse Than Originally Disclosed

Ubiquiti Cyberattack May Be Far Worse Than Originally Disclosed

The data breach report from Ubiquiti in January is allegedly a cover-up of a massive incident that put at risk customer data and devices deployed on corporate and home networks.

In the short communication, the company said that an attacker had accessed some of its IT systems hosted by a third party cloud provider and that it found no indication of unauthorized activity impacting user accounts.

Despite any evidence of access to any databases with user info, Ubiquiti could not guarantee that user details had not been exposed. Because of this, the company encouraged changing the login password and enabling two-factor authentication.

Also Read: 4 Best Practices On How To Use SkillsFuture Credit

A deeper intrusion

According to someone involved in the breach response that spoke to Brian Krebs under the condition of anonymity, Ubiquiti greatly downplayed the intrusion to protect its stock price.

Apparently, the company started investigating the incident in December 2020 and the hackers had administrative-level permissions to Ubiquiti’s databases hosted on Amazon Web Services (AWS).

It is alleged that the attacker had root privilege over all Ubiquiti AWS accounts, counting all S3 data buckets, application logs, databases, user credentials, and the secrets to forge single sign-on cookies.

This level of access allows authentication to cloud-based devices, such as the UniFi line of wired/wireless products dispersed across the world.

Ubiquiti noticed in late December multiple Linux virtual machines that the intruder had set up. A closer examination revealed a backdoor on their infrastructure, which the company removed in the first week of January.

It seems that this action triggered a response from the hacker, who asked for 50 bitcoins to keep silent about the breach. According to the report, the intruder also proved that they had exfiltrated source code from Ubiquiti’s systems.

The extortion attempt also came with a promise to reveal where a second backdoor had been planted. The incident response team found this second malware and removed it, though.

After this, the company started to change all employee credentials to make sure that the hacker was locked out of its infrastructure. Next came the alert to customers.

According to Krebs’ source, Ubiquiti did not have access logging for databases, meaning that it could not check what the hacker accessed.

Supposedly, the intruder targeted the credentials to the databases and “created Linux instances with networking connectivity to said databases,” so it is possible that they could access customer systems remotely when Ubiquiti sent out the data breach notification.

Also Read: 3 Reasons Why You Must Take A PDPA Singapore Course

Ubiquiti is a highly popular brand with tens of millions of products distributed all over the world. It makes a variety of networking products that range from WiFi devices (high-power access points) to enterprise-grade switches, surveillance, phone, and door access systems.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us