Uber hacked again, just as trial begins over last major attack

San Francisco-based Uber has now confirmed the hack, and the company is scrambling to assess the damage through data recovery.

The timing of this attack is worth pondering. On Friday, the day after the attack, Uber CEO Khosrowshahi testified in court in U.S. prosecutors’ trial on charges related to Uber’s former chief security officer, Joe Sullivan.

In 2016, Uber had a major cybersecurity incident. Hackers broke into the Uber network and stole the personal information of millions of ride-hailing passengers, including names, email addresses and phone numbers, as well as the car license plates of a large number of ride-hailing drivers. Uber hid the incident from the public until a year later, when the company admitted to paying the hackers $100,000. U.S. prosecutors have brought criminal charges of intentional obstruction against Sullivan over his poor handling of the hack.

Both involve the external platform HackerOne

Both the 2016 hack and this latest one reportedly involved Uber’s account at the cybersecurity service HackerOne. HackerOne’s security services come from “ethical hackers” who discover security vulnerabilities at Internet companies, while the companies pay a bounty to obtain the vulnerability information and strengthen the security of their platforms. Uber also has a HackerOne account.

Several cybersecurity experts told a U.S. financial media outlet that they had concluded Thursday’s new hacking attack had nothing to do with the Uber cybersecurity case currently on trial.

Corben Leo, chief marketing officer and security researcher at U.S.-based blockchain security firm Zellic, said the trial that began Friday seemed unrelated to the hack, but the hacker used it to distract Uber from the attack. This hacker’s quest, like that of 99% of young, immature hackers on the web, is fame and money.

Leo said the depth and breadth of the hack is currently unknown, adding to concerns. The hacker obtained documents related to the bug bounty program and, to make matters worse, access to Uber’s operating environment on Amazon’s cloud computing platform, where Uber’s customer information is likely to be stored.

All business operations as normal

Uber said on social media that after the incident it had contacted the police and frozen some internal information systems, including suspending chats on the Slack platform, and that the company was investigating whether the hackers’ public claims were true.

On Friday afternoon, Uber said in an official blog post that there was no evidence that hackers had access to sensitive user information, such as ride-hailing trip order information. All of Uber’s ride-hailing businesses, food delivery services and express delivery services are currently operating as normal, and some internal software that was suspended on Thursday has been brought back online.

Danielle Jablanski, a security expert at U.S.-based Nozomi Networks, said that regardless of the outcome of the Sullivan trial, it is frightening that a hacker can gain access to a company’s internal virtual private network (VPN) through well-known social engineering attacks.