DailyPost 2186
UBER – IS GETTING HACKED THE NEW NORMAL?
Expertise prevails in any dimension of technology. Reading customers minds guarantees success in one area, might be their ignorance too, in the same manner, understanding the mind of victim is critical to the successful execution of cyber-crime, if you have an ignorant victim, it is all the more better. Being over confident and casual also helps the hackers and standard systems of hoodwinking generally succeed, at the end of the day we are not a digitally security enabled thinking animals. But that is what is expected out of us being full time users of the digital technology. Uber has been the latest victim.
Uber suffered a cyberattack on 15th Sept 2022 afternoon with the culprit compromising its internal systems, email dashboard and Slack server, as was reported by Bleeping Computer. They attacker posted screenshots to prove that they had full access to critical IT systems. The compromised systems included Uber’s security software, Windows domain, Amazon Web Service console, email admin dashboard and Slack server. It was being used for posting the messages. They even bagged Uber’s source code as proven by screen shots. It is suspected that Uber was hacked by an 18 year old. Uber confirmed the attack on its Twitter account.
Uber hacker claims to have hacked Rockstar games. As evidence of this, videos of Grand Theft Auto (GTA-6), have been leaked. The games are in the early stages of development. The hacker claims to have gained access to Rockstar Games’ Slack server. GTA6 server leak took place over the weekend. The phrase ”zero trust” has sometimes become a meaningless buzzword in the security industry, this breach shows what it is not. Uber hackers had gained deep access inclusive of OneLogin. Recently, Twitter’s former security chief alleged deplorable security practices with the social media giant.
Uber on Monday disclosed that the threat actor is believed to be affiliated to the notorious LAPSUS$. The genesis of this attack goes to an ”EXT contractor” having his personal device compromised. The timing of this breach could not have been worse off. On Friday, CEO Dara Khosrowshahi was to testify at the trial of Uber’s former security chief, Joe Sullivan, who is facing criminal obstruction charges for his role in the company’s response to a hack six yeas ago. Uber did not disclose the breach until a year later. It is said that they ended up paying the hackers $100,000. Given this scenario how many of hacks get reported can be anybody’s guess. Crash commercialization might kill the golden goose, they have come very near to it. Lip service to cyber security can be suicidal. Can we trust the ones whom we have mortgaged our data to, with no legal rights.
THE TECH CAN MOVE FURTHER IN THE INTEREST OF THE USERS, ONLY IF SECURITY BECOMES A HARD CODED DESIGN ELEMENT AND A STRINGENT ECOSYSTEM TO SUPPORT IT.
Sanjay Sahay