Attacker Cites Exposed Akamai Server and “intel123” Password

Include to favorites Intel: “We imagine an individual with access downloaded and shared this data”

FavoriteLoadingInclude to favorites

Intel: “We imagine an individual with access downloaded and shared this data”

A misconfigured Akamai CDN (content shipping and delivery network) server and files with the password “intel123” have been pinpointed as the apparent trigger of a key leak from Intel which has seen 20GB of resource code, schematics and other delicate knowledge posted online.

The leak, posted last night time by Tillie Kottman, an IT specialist based in Switzerland, is made up of files presented to partners and buyers by chip maker Intel under non-disclosure agreement (NDA), and contains resource code, progress and debugging instruments and schematics, instruments and firmware for the company’s unreleased Tiger Lake platform.

Browse a lot more: Intel’s 7nm ‘Defect’ Leaves Traders Fretting

In a now-deleted article, the alleged resource of the leak reported: “They have a support hosted online by Akami CDN that wasn’t thoroughly protected. Soon after an internet-large nmap scan I discovered my focus on port open up and went as a result of a list of 370 attainable servers based on information that nmap presented with an NSE script.

“The folders were just lying open up and I could just guess the title of a single. Then you were in the folder you could go again to the root and just click on into the other folders that you don’t know the title of.

The Intel leak defined in a (now deleted) article by the supposed perpetrator

“Best of all, because of to yet another misconfiguration, I could masquerade as any of their workforce or make my personal consumer.”

The resource additional that though a lot of of the zip files on the folder were password-guarded, “most of them [have] the password Intel123 or a lowercase intel123.”

Kottman expects the knowledge dump will be the initial in a series of leaks from Intel.

“Unless I am misunderstanding my resource, I can currently explain to you that the future parts of this leak will have even juicier and a lot more classified things,” he reported on Twitter.

A spokesman for Intel reported the chipmaker is investigating the leak, but declined to remark on the statements about the misconfigured server and weak passwords.

She reported:“The data seems to appear from the Intel Resource and Structure Middle, which hosts data for use by our buyers, partners and other exterior parties who have registered for access.

“We imagine an individual with access downloaded and shared this knowledge.”

The incident is a stark reminder — if any were necessary — that proactively mimicking these forms of methods by hackers is essential to enterprise security, regardless of whether that is by way of common Purple Teaming, or other methods.

Recent security steering from the NSA (focussed on OT environments, but applicable throughout a lot of IT environments too), famous that very best techniques contain:

  • Fully patching all Web-available systems.
  • Segmenting networks to guard workstations from direct exposure to the internet. Implement protected network architectures using demilitarized zones (DMZs), firewalls, leap servers, and/or a single-way communication diodes.
  • Guarantee all communications to remote gadgets use a virtual non-public network (VPN) with potent encryption even further secured with multifactor authentication.
  • Test and validate the legit company want for these access.
  • Filter network visitors to only let IP addresses that are recognised to want access, and use geo-blocking where suitable.
  • Connect workstations to network intrusion detection systems where feasible.
  • Seize and critique access logs from these systems.
  • Encrypt network visitors to reduce sniffing and man-in-the-center methods.

See also: National Protection Company: Suppose Your OT Command Program Will Get Turned Towards You