IBM X-Force Red, an autonomous team of security veterans working for IBM to uncover vulnerabilities in business networks, has discovered a new kind of physical cyber threat that is on the prowl these days.
It is called Cyber Warshipping: cybercriminals send a package containing a small processor and some other low-cost electronic devices wired together and powered by a mobile battery.
Once the target organization receives the package, the device starts acting on the hackers' remote commands. It either intercepts the wireless connectivity to get into the corporate network or launches an evil twin attack, in which the threat actor sets up a decoy/fraudulent WiFi network to steal credentials.
Security researchers at IBM Security say that this warshipping technique is sophisticated enough to get past the firewall, spam filters, and other threat monitoring tools that are placed in the security perimeter of a company’s computer network.
A few veteran hackers from IBM's X-Force Red, dubbed the Big Blue Hackers (named after the blue color of IBM computers), have already conducted a study on this ‘warshipping’ technique by accessing a corporate network in the manner described above.
Charles Henderson led Big Blue’s Offensive Security team in building a cheap 3G-enabled ‘warship device’, which was powered by a mobile battery and consisted of a Wi-Fi chip, an antenna and other components. They sent all these components, installed in a package, to a company and managed to intercept the company’s PC network.
They also tried their best to uncover the vulnerabilities that cybercriminals might exploit in this process and concluded that ‘Cyber Warshipping’ is indeed a serious threat once the repercussions are taken into account.
IBM X-Force Red suggests that employees of companies, especially those at the physical security counter, should scan all packages before they are delivered to the concerned team/individual/official.
Also, packages received from outside should be quarantined at a place where there is limited access to the corporate network.
Furthermore, any personal packages sent to employees should be monitored for any warshipping content.
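
The evil twin scenario described above can also be watched for on the wireless side by comparing Wi-Fi scan results against an inventory of authorized access points. The Python below is an added example, not code from IBM X-Force Red; the SSIDs, BSSIDs and scan records are constructed, and the names `Beacon`, `AUTHORIZED` and `find_evil_twins` are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str       # network name seen in the scan
    bssid: str      # MAC address of the radio advertising it
    security: str   # e.g. "WPA2-Enterprise" or "Open"
    rssi_dbm: int   # signal strength at the sensor

# Assumed inventory: corporate SSID -> {authorized BSSID: expected security}.
AUTHORIZED = {
    "CorpNet": {
        "02:00:00:aa:00:01": "WPA2-Enterprise",
        "02:00:00:aa:00:02": "WPA2-Enterprise",
    }
}

def normalize(ssid):
    # Decoy networks often differ only by case or stray whitespace.
    return ssid.strip().casefold()

def find_evil_twins(beacons, authorized=AUTHORIZED):
    """Return (beacon, reason) for every beacon imitating a corporate SSID."""
    known = {normalize(name): aps for name, aps in authorized.items()}
    findings = []
    for b in beacons:
        aps = known.get(normalize(b.ssid))
        if aps is None:
            continue  # not a corporate network name, out of scope here
        expected = aps.get(b.bssid.lower())
        if expected is None:
            findings.append((b, "unknown BSSID advertising corporate SSID"))
        elif b.security != expected:
            # A cloned BSSID still gives itself away if the security differs.
            findings.append((b, f"security differs from inventory ({expected})"))
    return findings

# Constructed scan, as a sensor near the mailroom might record it.
SCAN = [
    Beacon("CorpNet", "02:00:00:aa:00:01", "WPA2-Enterprise", -48),
    Beacon("CorpNet", "02:00:00:ee:99:10", "Open", -35),
    Beacon("corpnet ", "02:00:00:ee:99:11", "WPA2-Personal", -37),
    Beacon("CorpNet", "02:00:00:AA:00:02", "Open", -40),
    Beacon("CoffeeShop", "02:00:00:bb:00:07", "Open", -70),
]

if __name__ == "__main__":
    for beacon, reason in find_evil_twins(SCAN):
        print(f"{beacon.ssid!r} {beacon.bssid} {beacon.rssi_dbm} dBm: {reason}")
```

Placing such a sensor near the package quarantine area ties this check to the handling advice above.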