The new Cyber Threat Status Report, prepared by STM's Technological Thinking Center “ThinkTech” and covering the dates of July, August and September 2022, has been announced. The report, prepared by cyber security experts within STM, includes 7 different topics. The report scrutinizes many current and interesting topics, from how keyless car locks are unlocked by thieves to the most tried passwords by attackers.
Thieves Can Disable Vehicle Locks
The report includes the technical analysis of the working structure of keyless car locks and the “RollBack” and “RollJam” attacks, which are among the attacks against this structure. With the help of RollJam, which is a signal catcher and jammer, the signal sent by the vehicle owner at the moment of unlocking is captured. In this way, thieves who catch the unlock signal of the vehicle can easily unlock the vehicle. The report found that the frequency of cyber attacks on cars in the world increased by 2018 percent from 2021 to 225.
Cyber Security of Defense Platforms
Regarding the period of the report, attention was drawn to the cyber security of platforms in the defense industry. Emphasizing that a significant part of today's wars are now taking place in the cyber world, it was stated that cyber attacks are frequently carried out to weaken the defense capabilities of countries.
In the report, it was noted that platforms in Turkey should be developed taking into account the cyber security risks, and that UAV and SİHA systems such as TOGAN, KARGU and ALPAGU, surface and submarine platforms, Combat Unmanned Aircraft System (MİUS), National Combat Aircraft (MMU), MİLGEM, TOGG It was underlined that national technologies such as domestic automobiles are important in this sense.
Cyber-attack can prevent ammunition from being sent to target
According to the report, which touched upon the problems caused by possible cyber attacks on defense platforms, it was also noted that the sending of ammunition to the target could be prevented, radar systems could be turned off, and even allied elements could be destroyed by showing them as enemies.
The report included the following statements regarding this issue: “Given the complexity of the systems, platforms may remain open to cyber attacks if the necessary security measures are not taken. For example, as a result of an underestimated social engineering attack, malicious software can infect platforms with a USB, a DDOS attack or disclosure of information can occur, or the integrity of data can be damaged by injection attacks. “
Most Tried Passwords by Attackers
The report also identified the passwords that cyberattackers tried the most during the quarter. It has been observed that passwords such as "admin, root, password, 12345", which are used as standard in management interfaces, are tried a lot by cyber attackers. Experts noted that these passwords should be changed after the completion of the testing process and updated with passwords containing 12-16 characters and special characters.
Be the first to comment