(In)secure digest: Tesla sabotage, the hospital blackmailer and excessively patriotic American President
Every month we add to our collection of classic and non-trivial cybersecurity cases. Data leaks, fraud, sabotage, and other incidents caused by insiders are of interest to us.
Some of the cases are funny, others are scandalous, but all are definitely edifying. Some happen out of nowhere, and some are caused by an extremely negligent attitude to security rules (eh, Trump?). So, without further ado, let’s get started.
Tesla employee sabotage
What happened: At the auto plant in Fremont, California, the production line stopped for several hours. IT security quickly figured out the details of the incident.
Who is to blame: One of the employees paralyzed the working process. Later, he destroyed a company computer and attempted to blame his colleague. The violator was fired. Although the company does not disclose details of the incident, we can conclude that the reason for the insider breach was the notorious “employee revenge”, which Tesla is facing not for the first time. For example, in 2018, Elon Musk accused former company engineer Martin Tripp of sabotage.
Nothing is sacred
What happened: Personal information of 150 patients was leaked from St. Michael’s hospital in Toronto, Canada. Their full names, medical history, diagnoses, treatment plans, and prescribed medications fell into the wrong hands.
Who is to blame: Clinical records were taken out of the hospital by an employee whose job was to decipher medical appointments and compile reports. The attacker tried to blackmail the hospital management, demanding a ransom for the stolen copies of documents. The police opened a case, and the matter is now at trial. The hospital discussed the incident with the staff and claims an improvement of its information security practices.
What happened: This case occurred in the United States. Transcripts of prisoners’ phone conversations with their loved ones, as well as their confidential calls to lawyers, became publicly available. Security researchers reported that the database with thousands of records had been on the net at least since April.
Who is to blame: One of the contractors of the telecom company HomeWAV made a mistake. The control panel of one of the databases was not protected with a password. Consequently, any user could view call logs and read transcripts of prisoners’ conversations with friends and relatives.
HomeWAV has publicly acknowledged the incident. However, it remains unclear why the company recorded conversations protected by attorney-client privilege.
“Nothing to hide, Mr. President?”
What happened: The Twitter account of the US President Donald Trump has been hacked once again. The incident eloquently emphasized the importance of strong password protection and revealed security gaps in the social network.
Who is to blame: The breach was performed by a hacker from the Netherlands, Victor Gevers. He alleges that he got access to the account on the fifth try, and what surprised him a lot is that the four unsuccessful attempts were not blocked by the system. The malicious login was super easy: the password was as eloquent as it could be, “maga2020!”. One more strange point in the story is that two-factor authentication was not enabled.
Gevers immediately reported the successful hack to the CIA, the FBI, Trump’s team, and Twitter. By the way, the Dutchman was one of three hackers who hacked the account of an American politician in 2016.