(REUTERS/Kacper Pempel )
Access to an airport security system can cost as little as $10.
That is what cybersecurity giant McAfee discovered during her research into the metro and the nefarious hacker marketplaces on the internet, commonly known as the Dark Web.
The rights were sold through a Russian Remote Desktop Protocol (RDP) shop, McAfee’s Advanced Threat research team discovered. RDP is a proprietary Microsoft protocol that allows an administrator to remotely access a PC. “Something big for the troubleshooting of IT problems, but potentially devastating in the wrong hands,” McAfee said in a statement.
SAMSUNG GALAXY SMS BUG SENDS RANDOM PICS
This RDP “shops” explode on the Dark Web via the Ultimate Anonymity Service (UAS), a Russian company, McAfee added.
Criminals, like the infamous SamSam group that crippled the city systems in Atlanta, the advantage of RDP because they don’t need to phishing campaigns or worry about anti-malware defense.
What is for sale
Windows Server 2008 and 2012 were the most common systems for sale on RDP-shops, with more than 17,000 available, McAfee. The prices ranged from around $3 for a standard configuration, for $19 for a higher performance system that has administrator rights.
With the help of the connections that are offered by RDP stores, McAfee was able to quickly find a “high value target” in the U.S. In this case, a Windows Server system that was connected with a city in the USA. the sale price with administrator rights: $10.
A look by McAfee researchers found that some of the system accounts were connected to a large international airport.
HUGE MINISTRY OF JUSTICE OPERATION NABS ILLICT DARKNET SUPPLIERS
“After running a number of open-source searches, we find that [one of] the accounts were associated with two companies specialized in the security of the airport; one in the security and home automation, and the other in camera surveillance and video analytics,” the report said.
The writing is on the wall, McAfee explained. Infamous attackers, such as the SamSam group that wreaked havoc in Atlanta, can make use of an RDP-shop to access one of these systems. That Atlanta attack brought the court and the Atlanta Police Department to its knees.
The attackers do not have to perform extensive malware campaigns to get in an airport security system.
“Cyber criminals, such as the SamSam-group only have to spend an initial $10 dollars to gain access to and charging $40K ransom for decryption, not a bad investment,” McAfee said.