Critical Flaws In Maritime Communications System Could Endanger Entire Ships (helpnetsecurity.com)
Orome1 shares a report from Help Net Security: IOActive security consultant Mario Ballano has discovered two critical cybersecurity vulnerabilities affecting Stratos Global's AmosConnect communication shipboard platform. The platform works in conjunction with the ships' satellite equipment, and integrates vessel and shore-based office applications, as well as provides services like Internet access for the crew, email, IM, position reporting, etc. The first vulnerability is a blind SQL injection in a login form. Attackers that successfully exploit it can retrieve credentials to log into the service and access sensitive information stored in it. The second one is a built-in backdoor account with full system privileges. "Among other things, this vulnerability allows attackers to execute commands with SYSTEM privileges on the remote system by abusing AmosConnect Task Manager," Ballano shared. The found flaws can be exploited only by an attacker that has access to the ship's IT systems network, he noted, but on some ships the various networks might not be segmented, or AmosConnect might be exposed to one or more of them. The vulnerabilities were found in AmosConnect 8.4.0, and Stratos Global was notified a year ago. But Inmarsat won't fix them, and has discontinued the 8.0 version of the platform in June 2017.
Not To Worry (Score:3)
Don't worry, there's no way the designer of the system would give details of the backdoor to a sexy enemy spy posing as an industrial espionage spy. No one could make strategic use of that vulnerability unless they did something audacious like nuke all the colonies at once. /s
Re: (Score:2)
Don't worry, there's no way the designer of the system would give details of the backdoor to a sexy enemy spy posing as an industrial espionage spy. No one could make strategic use of that vulnerability unless they did something audacious like nuke all the colonies at once. /s
Well, I'm pretty sure this has all happened before.
Re: Not To Worry (Score:1)
"...could endanger entire ships..." (Score:5, Funny)
As opposed to endangering only half a ship, I guess...
Re: "...could endanger entire ships..." (Score:3, Funny)
Technically the bottom half is already sunk. So there's only a 50% chance that an exploit will cause a problem.
Re: (Score:2)
Your glass is half-full.
Re:"...could endanger entire ships..." (Score:4, Insightful)
As opposed to endangering only half a ship, I guess...
Less than that, I would think. The vulnerabilities expose a ship's IT systems. Potentially the entire set of IT systems, I suppose, but just the IT systems.
Now, there may be serious consequences from such a compromise that could endanger the "entire" ship, such as leaks of strategic information, combat readiness, or defense vulnerabilities. But the headline still reads like breathless clickbait.
Re: (Score:2)
Because ships don't do safety critical things with their IT systems--like, say, navigation.
Re: (Score:2)
Re: (Score:2)
BACKDOOR ACCOUNT TOO? WTF?? LOL! Not smart...
Backdoor access is typical and often necessary. For instance, iLO on HP or iDRAC on Dell. Or many things based on WS-Management, IPMI, etc. There's also stuff like reserved connections for superusers in Postgres, sqlplus prelim in Oracle, runlevel 1 in Linux, and many others.
This is not a problem by itself as long as it's done properly.
Properly, is this inside - the article's proof (Score:1)
See subject: I spent a 24++ yr. pro career cross platform programming around many industrial class apps on many a DB (where I had DBA rights or was the DBA) & even on OS ACL usertables? Dump users you don't need (e.g. someone's terminated blow them out that day) of ANY kind when/if possible.
* This article's proof on that front - Fact is, it's REALLY basic in security.
(It's PROPERLY... as you said it OUGHT to be, in fact - less risk variables to deal with)
APK
P.S.=> A good chunk of securing anything is
Stop the sensational headlines (Score:3)
Article says "Could endanger *entire* ships". If this flaw can't sink or disable the engines it isn't endangering them, much less the *entire* ship.
Re: (Score:2)
Some don't, it seems... https://www.youtube.com/watch?... [youtube.com]
Injection (Score:2)
SQL Injection Attacks? What year is this, 2005?
Oh, how horrible! (Score:2)
Oh, how horrible!
A vulnerability that allows someone "SYSTEM privileges" is ever so much worse than one which allows "system privileges"!
Slow security scare day?
War (Score:2)
You guys are refusing to ack it, but you are at WAR. The cyber WAR is already started with Russia. Make no mistake about it.
Election trolling is one thing, fishing for NSA secrets is another. Troll propaganda yet another. There have been reports of GPS interference near the Russian coast. Several US warships have already been involved in major accidents. Those might be explainable by sheer incompetence of the US Navy apparently current, but don't close your eyes for external influences.
NOBODY TELL PLAGUE (Score:1)
Imagine the havoc he could wreak with the ship's ballast systems!