Hacker Uploads Own Fingerprints to Crime Scene in Dumbest Cyber Attack Ever
upstart writes in with an IRC submission for SoyCow639:
Hacker Uploads Own Fingerprints To Crime Scene In Dumbest Cyber Attack Ever:
Max Heinemeyer, director of threat hunting at Darktrace[*], thought it would be interesting to look back at the seven years since launching its AI-powered cybersecurity solution.
[...] Most often, when you hear cybersecurity professionals talking about hacker fingerprints, they are referring to any traces, any digital tracks, that have been left behind by a perpetrator. This kind of fingerprinting can help make broad-brush attack attribution, but it remains almost impossibly difficult to get a definitive attribution purely from such cyber-evidence. Unless that is, you were the hacker responsible for this attack on a luxury goods company which happened back in 2018 but has just been revealed by Heinemeyer.
[...] "The Darktrace AI detected what is potentially the first hack where the perpetrators purposely left their fingerprints at the crime scene," Heinemeyer says, "literally, their fingerprints." The luxury goods business had installed ten fingerprint scanners so as to restrict access to warehouses in an effort to reduce risk. "Unbeknown to them," Heinemeyer continues, "an attacker began exploiting vulnerabilities in one of the scanners. In perhaps the weirdest hacker move yet, they started deleting authorized fingerprints and uploading their own in the hope of gaining physical access."
The AI brain picked this up because one scanner was behaving differently than the others, meaning the security team became aware of the attack within minutes. And, of course, had some pretty conclusive evidence to provide to law enforcement.
[*] https://www.darktrace.com/en/
Read more of this story at SoylentNews.