Security researchers discovered that, for just $10 on the dark web, it appears someone could essentially buy their way into an international airport’s security system. This finding from McAfee’s team of researchers signals how a weak link can undermine systems that may otherwise seem thoroughly secured, even as billions of dollars are put towards locking things up.
The research team says it found “access linked to security and building automation systems of a major international airport” for sale through a Remote Desktop Protocol (RDP) shop based in Russia. RDP, developed by Microsoft, lets someone remotely connect with and control another computer. The McAfee researchers described how hackers can “simply scan the Internet for systems that accept RDP connections and launch a brute-force attack with popular tools” to figure out system login credentials.
“A weak password is like a server room door that’s propped open, inviting any passing snooper to take a look inside,” Naked Security pointed out in a post on RDP last year.
“Just as we check the doors and windows when we leave our homes, organizations must regularly check which services are accessible from the outside and how they are secured,” McAfee wrote in a blog post detailing the breach.
The implications of hackers possibly paying just ten bucks to gain remote access to an airport’s systems are vast and deeply unsettling—someone could “create false alerts to the internal security team, send spam, steal data and credentials, mine for cryptocurrency, or even conduct a ransomware attack on the organization,” the researchers noted.
McAfee researchers also added in the blog post that they found access to a number of government and health care institutions’ systems for sale, including hospitals, nursing homes, and medical equipment suppliers. They said they have informed the victims of the identified vulnerabilities and are looking into how these Windows systems were apparently breached.