"Hardware-based hacks are on the rise yet again, former Israeli intelligence officer and longtime cybersecurity expert Yossi Appleboum told CyberNews.
In the last 15 months, experts saw what they call a dramatic increase in rogue devices. They can be anything from a simple USB stick, a wired keyboard, or a Raspberry Pi pocket-sized computer modified to help criminals hack into an organization. As a result, companies’ information can be leaked. They can be hit with ransomware or a distributed denial-of-service (DDoS) attack.
Recently, Bleeping Computer ran a story about scammers sending fake replacement devices to Ledger customers exposed in a recent data breach. Ledger is a hardware crypto wallet. In December 2020, the data for over 270,000 people who purchased a Ledger device was published on a hacker forum. Scammers used this leak as a pretext to send new hardware wallets to Ledger customers, claiming they are more secure. Only they were designed to steal and not to protect.
“More organizations are spread across the globe, people are working from home, and there’s no common method and tools for normal organizations, even highly secure organizations, to deal with the impact of vulnerable USB devices in their networks,” Appleboum told CyberNews.
He is a co-founder and CEO of Israel-based Sepio Systems, which engages in rogue device mitigation (RDM). RDM is a whole new battlefield. Even the most secure organizations can fall victim to hardware-based attacks, as these rogue devices are very difficult to detect and may be sitting in the office and stealing information for years.
“Most of our customers came to us saying that they found data of their organization running outside without understanding how. Or they physically found a device by some random scan, and their concern was: how many others do they have?” Appleboum said.
In one incident, he and his colleagues were able to find dozens of attack tools within the same organization. Experts discovered a criminal organization within the company, and those criminals were bringing rogue devices to the company daily.
In October 2018, Bloomberg carried out an investigation on how China used a tiny chip to infiltrate US companies, such as Amazon and Apple. China supposedly intercepted the supply chain of Supermicro, which has sold servers to Amazon, Apple, the US Department of Defense, and other companies. Hackers developed a chip that theoretically could act as a backdoor to Supermicro servers. Bloomberg’s story was then dragged through the mud not only by the mentioned companies but by cybersecurity experts as well. But let’s not get into the details about it – the pure fact that a chip can serve as a rogue device is valid."
Read the entire article at CyberNews below.