Activists protest airline cameras, a brute force attack and update this building system
Welcome to Cyber Security Today. It’s Monday, June 10th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.
I was at a conference last week in Toronto where an expert talked about how organizations are increasingly using video cameras and facial recognition technology. Among them are amusement parks, stadiums, cruise ships and airlines. Most of the time they’re not looking for criminals; it’s more for crowd control. A big U.S. amusement park uses it for identification in case their expensive entry tickets are lost. Cruise lines and airlines want to get people on their ships and planes as fast as possible, so they use facial recognition to match faces at the gate with those who have already signed in. But some organizations may use it in conjunction with law enforcement. The U.S. Department of Homeland Security is reportedly mandating facial recognition for airlines on all outgoing international flights. There are questions about what the images are being used for, how long they will be saved and whether you can opt out. So last week a non-profit advocacy group called Fight for the Future launched a web site called AirlinePrivacy.com listing which airlines that operate in the U.S. do and don’t use facial recognition. Video or still images can be convenient, or creepy. It’s up to organizations to explain to people what the images are being used for.
A brute force attack is an automated process set up by a hacker that tries to break into a computer by firing thousands of stolen usernames and passwords at it until it gets lucky with one of them. Attackers often harness the combined power of compromised computers, Wi-Fi routers or other Internet-connected devices, assembled into what’s called a botnet. According to a report from security vendor Morpheus Labs, one of the latest botnets is trying to break into a list it has compiled of about 1.5 million servers around the world. These particular servers have a piece of software that allows an authorized user to have remote access. They may be employees or administrators. Interestingly, this particular attack only tries one username/password combination on a server. Presumably that’s to avoid attracting attention to the attack. So this is another reason why IT administrators have to make sure anyone who has remote access to a server they control uses multi-factor login, so that a stolen password isn’t the key to getting into the company.
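For defenders, the single-attempt behaviour described above matters because a rule that counts failures per source address never fires. The sketch below is an added example, not part of the podcast or the vendor report: it compares a per-source rule with one that counts single-attempt sources per server, and it assumes (the story does not say so) that several bots reach the same server within an hour. All hostnames, addresses, times and thresholds are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed failed-logon events: (time, source IP, target server, username).
# Addresses are from documentation ranges; none are real indicators.
EVENTS = [
    ("2019-06-10 09:02", "203.0.113.11", "remote-gw-01", "administrator"),
    ("2019-06-10 09:09", "203.0.113.45", "remote-gw-01", "admin"),
    ("2019-06-10 09:17", "198.51.100.7", "remote-gw-01", "backup"),
    ("2019-06-10 09:31", "192.0.2.88", "remote-gw-01", "jsmith"),
    ("2019-06-10 09:40", "203.0.113.200", "remote-gw-01", "svc_scan"),
    ("2019-06-10 09:55", "198.51.100.130", "remote-gw-01", "administrator"),
    ("2019-06-10 10:05", "192.0.2.14", "hr-03", "mlee"),  # one mistyped password
] + [("2019-06-10 11:%02d" % m, "198.51.100.9", "files-02", "root") for m in range(6)]

def per_source_alerts(events, limit=5):
    """Classic rule: one source failing `limit` or more times against one server."""
    counts = Counter((src, target) for _, src, target, _ in events)
    return {pair for pair, n in counts.items() if n >= limit}

def single_attempt_alerts(events, window=timedelta(hours=1), min_sources=5):
    """Flag servers hit by many sources that each failed exactly once."""
    counts = Counter((src, target) for _, src, target, _ in events)
    by_target = defaultdict(list)
    for ts, src, target, _ in events:
        if counts[(src, target)] == 1:  # keep only one-shot sources
            by_target[target].append(datetime.strptime(ts, "%Y-%m-%d %H:%M"))
    alerts = {}
    for target, times in by_target.items():
        times.sort()
        start = best = 0
        for end, t in enumerate(times):  # sliding time window
            while t - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= min_sources:
            alerts[target] = best
    return alerts

if __name__ == "__main__":
    print("per-source rule:", per_source_alerts(EVENTS))
    print("single-attempt rule:", single_attempt_alerts(EVENTS))
```

The per-source rule only catches the noisy address hammering `files-02`, while the second rule surfaces `remote-gw-01` and ignores the lone typo on `hr-03`.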
Attention IT pros: If your organization uses the Optergy Proton enterprise building management system for controlling heating and air conditioning, make sure it’s been updated. Last week the U.S. Department of Homeland Security issued a warning that the system has a number of vulnerabilities. The most serious of these is rated 10 out of 10. You need to be running Proton version 2.4.5 or later.
Finally, for those of you running Windows 10 there’s a new update available, version 1903. This is separate from the monthly security patches, which are issued on the second Tuesday of each month (that will be tomorrow) and have to be installed promptly. Windows 10 will install updates and patches automatically, unless you’ve disabled that feature so you can do it manually. You can check the status of your Win10 computer by going to Settings and clicking on the Update & Security section.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.