Uber said on Friday it was responding to a cybersecurity incident after a hacker apparently breached its network.
The New York Times reported that Uber had discovered the
breach on Thursday and taken several of its internal communications and
engineering systems offline as it investigated the extent of the hack.
A security engineer said the intruder provided evidence of
obtaining access to crucial systems at the ride-hailing service.
However, there was no indication that Uber’s fleet of
vehicles or its operation was affected.
“It seems like they’ve compromised a lot of stuff,” said Sam
Curry, an engineer with Yuga Labs who communicated with the hacker.
That includes complete access to the Amazon and Google-hosted
cloud environments where Uber stores its source code and customer data, he
said.
Curry said he spoke to several Uber employees who said they
were “working to lock down everything internally” to restrict the hacker’s
access. That included the San Francisco company’s Slack internal messaging
network, he said.
He said there was no indication that the hacker had done any
damage or was interested in anything more than publicity. “My gut feeling is
that it seems like they are out to get as much attention as possible”.
We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.
— Uber Comms (@Uber_Comms) September 16, 2022
The hacker had alerted Curry and other security researchers
to the intrusion on Thursday evening by using an internal Uber account to
comment on vulnerabilities they had previously identified on the company’s
network through its bug-bounty program, which pays ethical hackers to ferret
out network weaknesses.
The hacker provided a Telegram account address and Curry and
other researchers then engaged them in a separate conversation, sharing
screenshots of various pages from Uber’s cloud providers to prove they broke
in.
Teenage hacker?
The Associated Press attempted to contact the hacker at the
Telegram account where Curry and the other researchers chatted with them, but
no one responded.
The New York Times reported that the person who claimed responsibility
for the hack said they gained access through social engineering: They sent a
text message to an Uber worker claiming to be a company tech employee and
persuaded the worker to hand over a password that gave them access to the
network.
Social engineering is a popular hacking strategy, as humans
tend to be the weakest link in any network. Teenagers used a similar ploy in
2020 to hack Twitter
The Times said the hacker reported being 18 years old and
saying they broke in because the company had weak security. In the Slack
message that announced the breach, the person also said Uber drivers should
receive higher pay.
Uber said it was “currently responding to a cybersecurity
incident. We are in touch with law enforcement”. It said it would provide
updates on its Twitter Comms feed.
The company has been hacked before.
Its former chief security officer, Joseph Sullivan, is
currently on trial on allegations he arranged to pay hackers $100,000
(€100,135) to cover up a 2016 high-tech heist in which the personal information
of about 57 million customers and drivers was stolen.
0 comments:
Post a Comment