Skip to main content

Everyday IT Tools Can Offer ‘God Mode’ for Hackers

posted onJuly 13, 2021
by l33tdawg
Wired
Credit: Wired

Across the internet, more than a thousand companies spent the past week digging out from a mass ransomware incident. In the wake of the devastating compromise of Kaseya's popular IT management tool, researchers and security professionals are warning that the debacle isn't a one-off event, but part of a troubling trend. Hackers are increasingly scrutinizing the entire class of tools that administrators use to remotely manage IT systems, seeing in them potential skeleton keys that can give them the run of a victim's network.

From a Chinese state-sponsored supply chain compromise to an unsophisticated attack on a Florida water treatment plant—and many less visible events in between—the security industry has seen a growing drumbeat of breaches that took advantage of so-called remote management tools. And at the Black Hat security conference next month, a pair of British researchers plans to present techniques they've developed as penetration testers for security firm F-Secure, which allowed them to hijack yet another popular tool of the same kind—this one focused on Macs rather than Windows machines—known as Jamf.

Like Kaseya, Jamf is used by enterprise administrators to set up and control hundreds or thousands of machines across IT networks. Luke Roberts and Calum Hall plan to show off tricks—which, for now, remain technical demonstrations rather than ones they've seen used by real malicious hackers—that would allow them to commandeer the remote management tool to spy on target machines, pull files off of them, spread their control from one machine to others, and ultimately install malware, as ransomware gangs do when they drop their crippling payloads.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th