Industrial espionage is a serious problem for companies. And these days, cyberattacks make it easier than ever to access confidential information or patents found inside an organization. If a cyberattacker manages to steal this kind of data, the victim could be seriously damaged. And not just at a reputational level, but also economically speaking: a stolen patent would be enough to guide the way to develop similar products, leading to success off the back of the years of investment and internal research carried out by the victim.
One of the most popular tools for industrial espionage is spyware. With this kind of malware, a cyberattacker can steal access credentials, which can then be used to steal confidential data. Now, however, cyberattackers have another potential method to carry out industrial espionage.
Prying-Eye: a vulnerability to spy with
In July, cybersecurity researchers discovered a vulnerability, which they have called Prying-Eye, in the video conference platforms Cisco Webex and Zoom. By launching an enumeration attack against the application program interface (API) with a bot, attackers would be able to listen to and see private meetings that hadn’t been protected with a password.
An enumeration attack is a kind of brute force attack. The bot cycles through (enumerates) and discovers valid meeting IDs in video conference systems in order to join and spy on meetings. According to Shreyans Mehta, CTO and founder of Cequence Security, which discovered the vulnerability, “In targeting an API instead of a web form fill, bad actors are able to leverage the same benefits of ease of use and flexibility that APIs bring to the development community.”
Following vulnerability disclosure best practice, the researchers that discovered Prying-Eye notified the affected vendors in order to give them time to validate and respond to the findings.
The vendors respond
As Richard Farley, CISO of Zoom Video Communications Inc. explains, “Zoom has improved our server protections to make it much harder for bad actors or malicious bots to troll for access into Zoom meetings.”
The Cisco Product Security Incident Response Team has issed a security warning for its Webex clients, but has said that “is not aware of any malicious exploitation of this potential attack scenario.”
The danger of vulnerabilities
Over the last few months, several widely used systems and applications have been affected by serious vulnerabilities. Towards the end of September, Microsoft launched a patch to fix a remote code execution vulnerability in Internet Explorer; and in August, a vulnerability was discovered in OpenDreamBox, an IoT software provider. This vulnerability affected as many as 32% of the world’s companies.
Make sure you’re not the next victim of a vulnerability
The Prying-Eye vulnerability serves to highlight the importance of several cybersecurity measures. The first of these is the use of robust passwords. This vulnerability only works on video conference systems that are not protected with a password. Although this may seem like an obvious measure, there are still many systems that are not properly protected.
When it comes to protecting against vulnerabilities, the only valid response is to keep the system and all applications 100% up-to-date with the relevant updates and patches. To ensure that you all your computers are always up-to-date, Panda Adaptive Defense has an additional module, Panda Patch Management. This module searches for relevant patches for operating systems and hundreds of applications. It audits, monitors and prioritizes updates so that you can be sure to always have the best protection against vulnerabilities.
A vulnerability like Prying-Eye could cause serious problems for your organization, especially if it leads to industrial espionage or the leaking of company secrets. Get ahead of all vulnerabilities with Panda Patch Management.
1 comment
Cyber espionage should be discouraged … it should be considered ok to steal people data simply because people cannot realized what is going on