Uber has been hacked

September 22, 2022

A comment by Danielle Jablanski, OT cybersecurity strategist at Nozomi Networks

On 16.09. it was announced that the ride service provider Uber has been the victim of a cyber attack. The attacker was an 18-year-old who was able to obtain the access data of employees using the simplest social engineering techniques. This incident shows that even large, globally active companies are not always exemplarily secured against commonly used attack techniques.

The timing is interesting from a political point of view, even if the motivation seems to be unrelated to the trial according to the news shared. Regardless of the outcome of the trial, it is alarming that an individual was apparently able to gain such widespread access using known social engineering techniques to access an internal corporate VPN. This is a typical teaching example that security experts use to explain to people what damage unauthorised access can really do. This awareness is important to promote better security practices. We always cover such hypothetical situations or report incidents we have seen in practice, but we also advocate responsible disclosure. It does not make a good impression to publicly try to embarrass a company by doing something illegal. 

Genetec

Related Articles

Helmet with nanofoam effectively protects brain

Helmet with nanofoam effectively protects brain

Nanotubes and absorber made from them (Illustration: Ramathasan Thevamaran, wisc.edu)A foam based on carbon nanotubes improves the protective effect of helmets, such as those worn by two-wheelers and soldiers, by a factor of 18. The material, developed by researchers...