Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Warshipping: A seriously sneaky cyber threat to businesses

Written by  Aug 13, 2019

X-Force Red say it’s a novel and effective way for an attacker to gain an initial foothold on a target’s network.

It is called Cyber Warshipping where cybercriminals send a package using low-cost and low power computers to remotely perform close-proximity attacks, regardless of the cyber criminal’s location. All for a cost of around £100.

This package, when received by the target business, starts working on remote commands of hackers where it either starts intercepting the wireless connectivity to get into the corporate network or pledges an evil twin attack which allows the threat actor to set up a decoy/fraudulent WiFi to steal credentials.

Advertisement

It then sends that scrambled data over the cellular network back to the attacker’s servers, which has far more processing power to crack the hash into a readable Wi-Fi password.

Once access to the Wi-Fi network is attained, the attacker can navigate through the company’s network, seeking out vulnerable systems and exposed data, and steal sensitive data or user passwords.

All of this could be done covertly without anyone noticing — so long as nobody opens the parcel.

Security researchers of IBM Security say that this Warshipping technique is sophisticated enough to pass through the firewall, spam filters, and other threat monitoring tools that are placed in the security perimeter of a company’s computer network.

Charles Henderson led the Big Blue’s Offensive Security team in building a cheap 3G enabled ‘warship device’ which was powered by a mobile battery and consisted Wi-Fi Chip, antenna and other components. They sent all these well-installed components in a package to a company and managed to intercept the company’s PC network.

Henderson said: “If we can educate a company about an attack vector like this, it dramatically reduces the likelihood of the success of it by criminals,” Henderson said.

Warshipping

IBM X-Force Red suggests that employees of companies, especially those at the physical security counter should scan all packages before they get delivered to the concerned team/individual/official.

Also, packages received from outside should be quarantined at a place where there is limited access to the corporate network.

Furthermore, any personal packages sent to employees should be monitored for any warshipping content.

Advertisement
Acronis True Image 2019

For more business news, help and advice try https://smallmediumbusiness.co.uk.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Advertisement

Popular Cyber News

Jun 12, 2020 Cyber Security

NHS email service fooled users in phishing attack

NHS Digital is contacting users of its NHSmail email system after a small number of mailboxes were compromised in a gene...

May 25, 2020 Cyber Security

Beware of security threats before deploying remote working

Remote working is receiving a great deal of attention recently for obvious reasons. The world has changed and remote wor...

May 07, 2020 Cyber Security

Three quarters of UK homeworkers haven't received cybersecurity training

As Covid-19-related cybersecurity threats continue to multiply, three in four of home workers are yet to receive any cyb...

Jun 09, 2020 Cyber Threats

Common types of cyber-attacks and how to avoid them

With cyber-attacks on the rise, businesses are constantly worried about losing vital data and the threat is very real. ...

Mar 27, 2020 Cyber Security

Hospitals worldwide offered free security software

As cyberattacks against hospitals surge during the coronavirus crisis, technology companies are stepping up to alleviate...

Mar 23, 2020 Cyber Security

Thousands of Netflix and Other Streamers Accounts are Being Stolen

With a massive surge in home use of video and music streaming services such as Amazon Prime Video, Apple Music, Netflix ...

May 18, 2020 Cyber Security

UK power grid operator Elexon hit by cyberattack

The UK’s power grid middleman Elexon has announced it has fallen victim to a cyberattack, which did not compromise pow...

May 05, 2020 Cyber Security

The importance of cybersecurity for UK businesses

Technology is constantly changing and at a pace which is hard to keep up with, but 'safety first' always applies. ...

Apr 16, 2020 Cyber Security

Cybersecurity lessons to be learnt from the Pandemic

It may not be obvious, but the spread of information on computer networks is like disease processes. ...

May 27, 2020 Cyber Security

UK scared cybercriminals will use NHSX Covid-19 Tracing App to launch attacks

Nearly half (48%) of the UK public surveyed about the NHSX COVID-19 tracing app do not trust the UK government to keep t...

Jun 08, 2020 Cyber Security

Ransomware attack compensation: What the UK public think

UK consumers believes businesses should stand their ground having suffered a ransomware attack and refuse to negotiate w...

Mar 20, 2020 Cyber Threats

UK Fintech Company Finastra Targeted by Hackers

UK-based financial technology company Finastra is investigating a cybersecurity incident that may involve a piece of ran...

Jun 06, 2020 Cyber Security

Phishing attacks on companies using PBX systems increases dramatically

While video conferencing solutions have become the prime targets for hackers recently following the shift to remote work...

Jun 12, 2020 Cyber Security

Cybersecurity in the shortsighted gig economy

The ‘gig’ economy encompasses the increasing economic trend for professionals to take on a series of temporary work ...

Apr 13, 2020 Cyber Security

Under half of UK businesses provide cybersecurity training: Kapersky

If businesses want to seriously wan to reduce he risk of data breaches and remains secure, they must commit to employee ...

Apr 17, 2020 Cyber Security

SonicWall launches boundless cyber security platform

SonicWall has released a new boundless cyber security platform to protect companies and government agencies remote workf...

Advertisement
Symantec Home 120x60

Advertisement