Cyber Attack Disrupts Passport Control at Istanbul Airport

July 26, 2013

The passport control system at Istanbul Ataturk Airport’s international departure terminal experienced a cyber attack on Friday, impacting operations at another airport in the city. Passengers faced lengthy delays, with many waiting hours as flight departures were postponed due to the system shutdown at both locations. Authorities were able to restore functionality after some time.

Reports indicated that the passport control system at Sabiha Gokcen International Airport was also affected by issues stemming from the Polnet data system managed by the Istanbul provincial security directorate. Preliminary investigations suggest the systems may have been compromised by malware, though authorities are still determining whether any user information was extracted from the affected machines.

As of now, there has been no claim of responsibility for the cyber attack. This incident is part of a worrying trend of malware attacks targeting critical infrastructure. Cybersecurity has become an increasingly critical concern in recent years.

Cyber Attack Disrupts Istanbul Airport’s Passport Control Systems

On July 26, 2013, the passport control systems at Istanbul Ataturk Airport’s international departure terminal faced a significant disruption due to a cyber attack, affecting operations not only at this major facility but also at Sabiha Gokcen International Airport, another key location in Turkey’s largest city. Passengers experienced extensive delays as lines grew longer, with numerous flights hindered by the shutdown of essential passport control systems at both airports.

Authorities have since managed to restore functionality to the affected systems, but the incident raises serious concerns regarding the resilience of critical infrastructure against cyber threats. Reports indicate that the malfunction at Sabiha Gokcen Airport may have stemmed from issues related to the Istanbul provincial security directorate’s Polnet data system. Early investigations suggest the potential involvement of malware, although authorities are still determining whether any user details were extracted from the compromised systems.

While no entity has claimed responsibility for this intrusion, the incident is consistent with a growing trend of cyber attacks aimed at infrastructure systems globally. Business owners and operators of vital services should take note of how such incidents can lead to operational disruptions, highlighting the need for robust cybersecurity measures.

From a technical perspective, this attack could have employed various tactics as categorized by the MITRE ATT&CK framework. Initial access may have been achieved through phishing or exploiting vulnerabilities within the security directorate’s systems. Once infiltrated, the attackers could have sought persistence, maintaining a foothold within the network to execute their objectives. Techniques such as privilege escalation might have been employed to gain control over critical system functions, exacerbating the impact of the attack.

Cybersecurity professionals must remain vigilant in the face of such threats. The evolution of cyber attacks necessitates a proactive approach to security, ensuring that infrastructures like airport systems are safeguarded not only from immediate risks but also from long-term vulnerabilities that could be exploited. This incident is a stark reminder of the imperative for continuous improvement in cybersecurity strategies and the importance of readiness against potential malware intrusions.

In conclusion, as evident from this cyber event in Istanbul, organizations must prioritize the fortification of their systems against a backdrop of increasingly sophisticated and targeted cyber threats. As the reliance on digital infrastructure deepens, such vigilance is not just beneficial; it is essential for operational safety and integrity.

Source link

Related Posts

Chinese Hackers Exposed by U.S. Water Control System Decoy

August 5, 2013

A notorious hacking group from China, known as APT1 or Comment Crew, potentially affiliated with the Chinese military, has been caught infiltrating a simulated United States water control system, also referred to as a honeypot. Kyle Wilhoit, a researcher from Trend Micro, disclosed the findings at the BlackHat Conference this past Wednesday.

Back in December, the hackers targeted a water control system for a U.S. municipality, unaware it was a ruse set up by Wilhoit. The decoy utilized a Word document embedded with malicious software, allowing for complete access.

These honeypots closely resembled the ICS/SCADA devices employed in critical infrastructure for power and water facilities. The setup, which employed cloud software, produced realistic web-based login and configuration screens for local water plants, making them look as though they were based in various countries, including Ireland, Russia, Singapore, China, Japan, Australia, Brazil, and the U.S. Researchers have traced the activity back to the APT1 Group, which was previously linked to by the security firm Mandiant.

Pakistani Hackers Target Thousands of Israeli Websites in Support of Palestine

August 14, 2013

A widespread cyber attack is currently underway, with thousands of Israeli websites being compromised by Pakistani hackers in solidarity with the Palestinian people. Reports indicate that around 650 Israeli websites have already been infiltrated, with the hackers posting their messages on these sites. One hacker, known by the alias “H4x0r HuSsY,” communicated with The Hacker News to announce upcoming releases of additional hacked websites. The attacker’s message included slogans such as “LONG LIVE PALESTINE – PAKISTAN ZINDABAD HAPPY INDEPENDENCE DAY TO & FROM TEAM MADLEETS.”

The affected sites include semi-government, personal, and corporate Israeli domains. At the time of this report, many of these websites continue to display defaced pages. This cyber offensive follows a recent declaration of a “cyber war” on Israel by global hacker collectives, including the Anonymous group, after the Israeli Defense Forces threatened to cut off internet access in Gaza.

FBI Collaborated with Anonymous and LulzSec Hackers to Target Foreign Governments

August 28, 2013

Sentencing for former LulzSec leader Hector Xavier Monsegur, also known as “Sabu,” has been postponed again. Monsegur, who pleaded guilty to multiple criminal charges two years ago, faces a maximum sentence exceeding 124 years. Additionally, fellow LulzSec hacker Jeremy Hammond has alleged that the FBI utilized Sabu to orchestrate attacks against foreign governments, leveraging the efforts of Anonymous and other hackers.

The ongoing delays suggest that the FBI may not be fully extracting information from Monsegur, hinting at the possibility that he is assisting with other covert operations as claimed by Hammond. In a recent statement, Hammond accused the U.S. government of directing Monsegur to motivate fellow hacktivists to breach foreign government entities. “What many don’t realize is that Sabu was also used by his handlers to orchestrate hacking activities targeting government-selected entities, including multiple foreign government websites,” Hammond stated.