Where The Ride Was Hijacked for Uber

 

A cybersecurity nightmare allegedly orchestrated by an innocent-sounding attacker referred to as “Tea Pot” hit the popular rideshare and food delivery company, Uber, on September 15.  The innocent-sounding “Tea Pot” is apparently linked to the Lapsus$ hacking group that was able to breach some very well-known tech firms earlier this year (Microsoft being one).

 

This is Uber’s third significant data breach since 2014.  The extent of the damage is still unfolding, but it appears likely to have been what’s called an MiTM attack.

 

When Fatigue and Exhaustion Have Much More Than Physical Ramifications (in Cybersecurity Speak, Don’t Share That Ride)

“MiTM” attacks go by a few different names:  man in the middle, monster in the middle, monkey in the middle, manipulator in the middle.  Whatever you call them, they involve a cyber criminal meddler in the middle getting inside of your business and breaching your cybersecurity.  

 

These types of attacks are also referred to as “exhaustion attacks” and “fatigue attacks,” where hackers continue to attempt to log into a user account that is subject to two-factor authentication with numerous sign-in notifications until they effectively wear down the unsuspecting and unaware user.

 

In Uber’s case, it appears as if a contractor’s account was targeted and compromised after a personal device was infiltrated with malware.  That evidently led to the contractor’s credentials being sold on the dark web.

 

This is where the MiTM comes into play.  Let’s refer to them as “man in the middle.”  The man in the middle is able to then eavesdrop on targeted employees’ conversations with one another, impersonating the two parties in a way that neither realizes they are not speaking directly to the intended party – or “active eavesdropping.”

 

The unintended consequences in Uber’s case yielded access to the company’s internal VPN, intranet, Slack internal messaging conversations, tools like AWS (cloud infrastructure of Uber’s apps), vulnerability reports (obviously ripe for upgrading), its Privileged Access Management platform (PAM), and way too many hardcoded credentials for super sensitive data.        

 

Company Tech Secrets Are Meant To Be Kept, Well, Secret.  That’s What CyberSECURITY Means.

It goes without saying.  If this type of data breach can happen to an organization as large as Uber, it can easily happen to your small or mid-sized business.  That’s why you should seriously consider working with a managed cybersecurity services provider like ITque that has the background and knowledge to protect your business’s cybersecurity in a way in which you may not be able to replicate in-house. 

 

Cybersecurity Best Practices ITque Can Help You Employ:

1. Make sure you have a strong encryption mechanism on wireless access points.  Encrypted authentication may be more expensive, but it is well worth it in the long run in terms of your organization’s cybersecurity.
2. A VPN is a second layer of security that can monitor traffic between its gateway and employees’ devices and protect your business from many places in which a cyberattack could happen.  They are not fool-proof, however, but ITque can help you evaluate the cost-benefits.
3. Make sure that all websites your employees, your contractors – really, anyone associated with your business – visits are secure.
4. Educate your employees on all of the tactics that hackers employ, as well as the serious risks and implications to your business.  Remember:  cybersecurity readiness and some of the most effective cybersecurity tools start with your employees.
5. Make sure all employees know that if they receive a push notification for authentication that they are not expecting:  BEWARE!
6. Embrace a security first mentality throughout your organization.
7. Email passwords should change with frequency.
8. Employ two-factor authentication that involves six-digit codes, without exception.
9. Make sure your organization’s anti-virus software is current and best-in-class.
10. Partner with a leading managed cybersecurity services provider like ITque.

 

ITque Makes Cybersecurity a Comfortably Safe Ride.

The costs of cybersecurity breaches and protecting your organization’s and your customers’ data are far-reaching and go beyond monetary.  They can also negatively impact productivity, disruption to your business operations, and certainly your reputation. 

 

ITque  provides your business with comprehensive managed security services and sound network security solutions.  We are a boutique quality IT security services provider in Silicon Valley, with a deep knowledge of the most innovative and effective cybersecurity tools.  We offer guidance on everything you need to take control of and feel secure about your cybersecurity and data, 24x7x365.  Serving the San Francisco Bay Area; greater Los Angeles area and Orange County; and Dallas-Ft. Worth, we are an all-inclusive network security provider with a collaborative communication style and a security first approach for your business. 

 

If you have no current provider or are looking for a new IT security services company, contact us today to learn more about what ITque can do to help protect you.  We’ll help you ensure that what happened to Uber doesn’t happen to you!