
Advanced Persistent Teenagers: A Rising Security Threat

 

If you ask some of the field's top cybersecurity executives what their biggest concerns are, you might not expect bored teenagers to come up. However, in recent years, this totally new generation of money-motivated hackers has carried out some of the biggest hacks in history and shows no signs of slowing. 

Meet the "advanced persistent teenagers," as the security community calls them. These are skilled, financially motivated attackers, such as Lapsus$ and Scattered Spider, who have proven capable of breaching hotel companies, casinos, and tech behemoths.

The hackers can deceive unsuspecting employees into handing over their company passwords or network access by using strategies such as believable email lures and convincing phone calls posing as a company's support desk. 

These attacks are extremely effective: they have resulted in massive data breaches impacting millions of individuals and in large ransoms paid to make the hackers vanish. By displaying hacking capabilities previously limited to only a few nation states, the threat from idle teenagers has forced numerous companies to confront the reality that they don't know if the personnel on their networks are who they say they are, and not a sneaky hacker. Has the threat posed by idle teens been understated? Two respected security veterans weighed in. 

“Maybe not for much longer,” noted Darren Gruber, technical advisor in the Office of Security and Trust at database giant MongoDB, during an onstage panel at TechCrunch Disrupt. “They don’t feel as threatened, they may not be in U.S. jurisdictions, and they tend to be very technical and learn these things in different venues.”

A key built-in advantage is that these threat groups also have a lot of time on their hands. “It’s a different motivation than the traditional adversaries that enterprises see.” Gruber has dealt with a few of these threats directly. An intrusion at MongoDB at the end of 2023 resulted in the theft of certain metadata, such as customer contact information, although there was no evidence of access to client systems or databases. 

According to Gruber, the attack mirrored Scattered Spider's strategies, and the vulnerability was reportedly minimal. "The attackers posed as employees and used a phishing lure to get into MongoDB's internal network," he claimed.

CISA Advises Firms to Adopt Passwordless Security in LAPSUS$ Report

 

A series of high-profile cyber attacks carried out by teenage hackers in 2021 and 2022 reveals systemic flaws in the telecommunications industry and security practices employed by a number of businesses, according to a Department of Homeland Security investigation. 

The department's Cyber Safety Review Board, in a 59-page report released Thursday, urged the Federal Communications Commission (FCC) and the Federal Trade Commission (FTC) to strengthen their oversight and enforcement activities related to SIM swapping, and asked telecommunications providers to report such attacks to the regulators. 

The board also advised organisations to abandon widely used SMS and voice-based multifactor authentication in favour of "adopting easy-to-use, secure-by-default-passwordless solutions." 

The report, commissioned by CISA Director Jen Easterly, focuses on a group of young hackers known as Lapsus$, who carried out a series of attacks against big technological companies such as Uber, Okta, Samsung, and others. 

The attacks garnered attention not only because of the victims, but also because of their boldness - hackers would frequently get access to a company's systems and critical data, then post screenshots and emojis in companywide internal chat conversations. 

Once it was revealed in 2022 that the group mainly consisted of teens, it became even more well-known. Seven people between the ages of 16 and 21 were detained by British police in March of that year, and in October, Brazilian police detained a further person. 

The DHS review noted that the attacks highlighted how SMS-based multifactor authentication, a practice frequently employed by organisations to add an additional layer of protection when employees and customers log into accounts, may be thwarted by hackers due to inadequate security practices at telecom carriers.

Lapsus$ was able to get basic data about its victims, such as their name and phone number, and used it to carry out fraudulent SIM swaps and intercept text messages that let the group sign into accounts or carry out account recoveries. 

As part of its recommendations, the review board urged the federal government to create a roadmap of "standards, frameworks, guidance, tools, and technology" that can assist organisations in implementing passwordless authentication rather than SMS-based multifactor authentication.