SITA Passenger Service System (SITA PSS), a communications and IT service provider for 90 percent of the world’s airline companies, suffered a massive data breach. The company calls the attack that targeted its U.S servers in Atlanta a “highly sophisticated attack.”
Singapore Airlines, a company that uses SITA’s services, reported that over 580,000 customers were affected. The total number of affected customers could well over be in the millions.
Edna Ayme-Yahil, SITA’s spokeswoman didn’t disclose what type of data was compromised, although she did inform Threatpost that “it does include some personal data of airline passengers.” “Many airlines have issued public statements confirming what types of data have been affected in relation to their passengers,” told Yahil.
Yahil also said that airline members of the Star Alliance, including Lufthansa, New Zealand Air, and Singapore Airlines, along with OneWorld members Cathay Pacific, Finnair, Japan Airlines, and Malaysia Air have started communicating with its at-risk users. Malaysia Air had already reported being affected by a data breach through its Twitter account earlier.
As predicted by IDC, there will be 55.7 billion connected devices worldwide by 2025, out of which 75% will be connected to an IoT platform. To communicate securely, each machine needs a unique identity to authenticate and secure communications. Machines are identified by digital certificates that are assigned by dedicated Certification Authorities (CA), which encrypts the data for machines that communicate. Lack of a dedicated inventory to manage these certificates results in several security-related outages and there is a dire need to check the authenticity of certificates, and implement security measures around machine identities.
Forrester predicts that over 50% of organizations find it difficult to protect their machine identities. Enterprises lose track of the number of bots they’ve created. Bad actors use these organizational bots as undercover to take advantage of unprotected machine identities to gain reign over network and devices. Most vulnerable endpoints on a network are isolated and exposed machines of an organization that haven’t adopted tools that enforce access control and policies, endpoint management and credential authentication. Securing machine identities should be a priority for organizations in 2021. Governing the access of those who have access to these machines is a start. Enforcement of policies must be made stringent for machines as well. Such provisioning work often requires manual effort, and it can be extremely time-consuming. Monitoring systems are often unsuccessful in identifying machine endpoint configurations and spotting anomalies. AIOps-enabled infrastructure monitoring can prove beneficial in detecting anomalous activities and event correlation in real-time. The future lies in leveraging cognitive technologies to read through data, detect anomalies, and even recognize the possibilities of a data breach before they occur.
Clubhouse, the iOS-only audio-based social app that has been on the news for quite a while, is trending now for not-so-great reasons. A third-party developer from mainland China designed an open-source app for Android that allowed users to access the audio platform’s service. The developer posted the source code on Github and said that the app allowed anyone to access personal audio sessions without an invite, creating a stir.
This app is apparently not alone as there have been reports of similar third-party forms of access. All these third-party tools have now been blocked from accessing the service.
John Furrier, founder and chief executive officer of SiliconANGLE Media Inc. tweeted about the anomaly. Furrier explained that the hack involves bricking an iPhone and then reverse-engineering the Clubhouse iOS app to gain access to various audio streams using a malicious code. If the app blocks the bot that is performing the hack, another iPhone takes the place of the previous iPhone, and the process continues. “If Clubhouse bans the bot, another iPhone takes its place,” said Furrier.
The company has added “safeguards” to prevent a repeat of audio from their service from being accessed by third-parties, informed Reema Bahnasy, a spokeswoman for Clubhouse, to Bloomberg.