Posted on October 5, 2020 at 1:27 PM
The sophisticated nature of some hacking incidents has made people believe most hackers are highly skilled and very careful to prevent any traces back to them.
But a discovered incident by the director of threat hunting at Darktrace AI Max Heinemeyer has proven otherwise. According to the cybersecurity expert, some hackers were so dumb that they forgot to clean traces that will lead to them
Max was looking at some of the weirdest attacks recorded by the AI cyber-brain. As someone who has been in the cybersecurity industry for three decades, Max has seen all sorts of security threats, including the most potent ones and the weirdest ones.
He recently revealed one of the dumbest he has ever seen throughout his astonishing career.
Some of the weirdest attacks
He said sometimes in 2010, hackers placed the picture of comedy actor, Mr. Bean, in place of the image of the Spanish Prime Minister on the EU presidency site. Two years later, there was another weird incident where some hackers decided to hack an Iranian nuclear facility just to play AC/DC Thunderstruck at full volume. As at then, many observers wondered why the hackers would go the extra length and take a high risk to hack a critical facility only for something as trivial as enjoying the full volume of a song.
However, the most bizarre and dumbest had to be the hackers who uploaded their fingerprints to the cybercrime scene.
“The Darktrace AI detected what is potentially the first hack where the perpetrators purposely left their fingerprints at the crime scene,” Max revealed.
Uploading own fingerprints to cybercrime scene
In the cybersecurity world, a hacking fingerprint doesn’t mean the physical fingerprints in the real world. In most cases when security experts are talking about fingerprints, they are referring to any digital traces that may lead researchers back to the threat actors.
Max says what the hackers left behind is literally their fingerprints, which can be used to trace the attacks back to them.
The attack occurred at a luxury goods mall, where the owners of the mall installed 10 fingerprint scanners to reduce warehouse access and minimize risk.
But the hackers, to gain access, deleted some authorized fingerprints and uploaded their own.
The AI brain was able to identify the irregularity in the scanners, as one of the scanners was misbehaving, which exposed the attack to the security team within minutes. They quickly gathered the evidence that was implicative enough for law enforcement to make their arrest.
Although Max fished out other hacking incidences, they didn’t come close to the fingerprint scanner incident when it comes to the level of dumbness.
According to Max, the word “weird” is the more proper term to describe other strange hacking incidences the AI brain system has picked up.
For instance, there was a hacking incident that demonstrated exactly how the Internet of Things (IoT) devices can be vulnerable to exploitation. Three years ago, cybercriminals looking to get information about high-rollers attacked a casino. They used sensors that regulate fish feeding schedules, salinity, and temperature. The attack method was termed “fish tank hack.”
Another weird one is the parking meter porn incident two years ago. The attack was about a digital parking stall at an international airport. According to Darktrace AI, the digital mall was trying to connect to sites that features adult content. According to Max, the activity did not show the content because it had no screen. However, it drastically slowed down the proper functioning of the kiosk.
And in the 2015 hack of an Italian bank, the Darktrace AI security team discovered that some servers connected to the bank’s servers from an unknown IP address, which led to some mystifying traffic numbers and patterns.
These are some of the weirdest hacking incidents the Darktrace AI security team has recorded, but none of them were as dumb as the hackers who left traces of their activities for security researchers unknowingly.