After reading this post, you should become more aware on things you share online. Two weeks ago, as Bloomberg reported, hackers from Asia brought a new threat with their ability to penetrate airlines security system. They brought away passenger information with them and shared some network infrastructures on the internet, but that is not the worst case. The worst case it they could use the information to purchase something on the customer’s behalf, after sharing it with other hackers, blackmail either the company or the passengers, or develop a more serious threat by correlating data from the Office of Personal Management with medical histories and airline manifests. In other words, they can know anything about your past and present life, then use it for their own intentions.
The attacks on the American Airlines and Sabre travel reservation processor shared same evidences of infiltration activities. As long as we know, the China-based hacking team is behind the curtain of this event.
Even though all the post-event impacts are not clear yet, there are things we know. First, the hackers may crawled from Sabre’s system into American Airlines, as if both companies do not have security prevention, such as the latest VPN technology. Second, the hackers left some of the network infrastructures available online.
It is Getting Hot, even with VPN
The 21st century is a huge digital book. People are willing to share their personal information on the internet as long as they can get what they want. This is how the hackers ‘win.’ They mine your data. The more data they gather, the easier for them to hack into any system, even the ones with advanced VPN.
Airline industries are the best companies in terms of securing their information, especially their customer information. However, how come they could be powerless against hackers? My first assumption would be these companies are lack in intention in securing their information. At least, I conclude this from Bloomberg report that in April 2014, these hackers mimicked the American Airlines website with their own ‘united-airlines.net’ as their test subject. This domain was belong to, James Rhodes, a fictional character from Marvel Comics with “War Machine” as his alter ego. It is clear that these hackers use this fictitious name as a clear sign of their attack.
The Iceberg Case
The two recent outbreaks are just the top of iceberg on our security issue. The real threat is waiting out there.
Most hackers used forums to share their hacking experiences into your VPN and other security systems. It is a perfect place for other hackers to learn and hone their skills. They learn to be the hacking prime. They race for the title, giving all the resources they have while we are lack of preparations on our side.