- Researchers have found tens of thousands of my vulnerable in the world
- 49,000 AMS linked to poorly configured could represent a major problem
- Sellers work on a corrective
Tens of thousands of access management systems (AMS), built by different suppliers and distributed in different countries, have been found connected to the wider, poorly configured and therefore exposed to cyberattacks.
A Cybersecurity Researchers Modat Modat Not’s Systems Access Management Cybersecurity Report are the security executives who control and monitor who can access digital or physical resources within an organization. They authenticate users via methods such as passwords, biometrics or multi-factory authentication and authorize their level of access based on predefined policies.
Modat said they had found 49,000 AMS linked to bad configure, in different organizations around the world. “The widespread exhibition on the Internet of the AMS in several countries indicates a global problem,” he said. The devices were found in key industries such as construction, health care, education, manufacturing, petroleum industry and government organizations.
Botnet for rental
The biggest problem with these configuration errors is undoubtedly the compromised physical security of affected organizations, as criminals could bypass physical security and access buildings that should otherwise be prohibited.
But apart from that, another point to remember is that cybercriminals could steal employee sensitive data in this way. “Personal identification information, employee photographs, biometric data, working hours, payments of pay and full access and access to the facilities have all been found,” said Modat.
This could open the valves to phishing, identity theft, social engineering and other forms of fraud that could see the sensitive information from the government exfiltrated from the servers.
Different AMs were affected differently, the researchers said. They said they had detected a “high concentration” of vulnerabilities, mainly in European countries, the United States and the MENA (Middle East and North Africa) region.
The majority of defective devices were found in Italy (16,678), Mexico (5,940) and Vietnam (5,035).
Modat has informed all affected organizations, but according to Bleeping CompomputeNone have answered, so we do not know how much risk attenuation now. The researchers also contacted the sellers, some of whom confirmed to work on a fix.
Via Bleeping Compompute
