Friday , May 7 2021

According to the whistleblower, Ubiquiti was hit by a “catastrophic” incident

Ubiquiti is known for its user-friendly and powerful hardware, such as routers and WLAN access points. But now an insider is making serious allegations. Image: watson

Well-known network provider, according to the whistleblower, was hit by a “catastrophic” incident

The network equipment supplier Ubiquiti is apparently blackmailed and accused by a whistleblower of covering a potentially massive data leak. These are the most important questions and answers.

What happened?

How bad was an incident that the American manufacturer Ubiquiti informed its customers via email on January 11, 2021? The Edge summarized the latest worrying findings on Thursday night. Ubiquiti is accused by a whistleblower of covering up a “catastrophic” security breach – and after 24 hours of silence, the company has now released a statement saying none of the whistleblower’s allegations would be disputed.

Why is that important?

Ubiquiti has an excellent reputation, notes The Verge. The routers and other network devices that are also sold in Switzerland belong to the prosumer class. The company name has become synonymous with high security standards and user-friendly administration.

The US manufacturer promises “seamless network integration” with its UniFi product range. Screenshot:

Originally, Ubiquiti had informed its customers on January 11 about a supposedly small security hole in a “third-party cloud provider”, but the famous cybersecurity website KrebsOnSecurity announced on March 30 that the security hole was actually much worse than Ubiquiti wanted to admit.

A company spokesman who spoke with Brian Krebs claims that Ubiquiti itself was hacked and that the legal department of the company prevented efforts to fully educate customers about the dangers.

How could that happen?

According to The Verge, it is worth reading the report of acclaimed IT security expert Krebs to see the full allegations. The bottom line is that hackers have full access to the company’s AWS servers. This is because ubiquiti is supposed to Root Manager logs in to a LastPass account left behind.

The attackers would be able to use the password manager to gain access to all the Ubiquiti network devices that the customers had set up to control through the company’s cloud service. And this online service is apparently required for some of the new Ubiquiti hardware.

What does Ubiquiti say?

When Ubiquiti finally made a statement this week, it was not exactly reassuring, comments The Verge – it was “completely unsatisfactory”.

The company reiterated its position that it had no evidence that user data was accessed or stolen.

If cancer showed the whistleblower explicitly stated that the company does not keep logs of who has access to the hacked server and who does not. Ergo: It could have no evidence.

Ubiquiti’s statement also confirms that the hacker tried to extort money from the company, but does not address the allegations of coverage.

Below we reproduce the original Ubiquiti statement that the US company published after the cancer statement report:

“As we informed you on January 11, we were the victims of a cybersecurity incident involving unauthorized access to our IT systems. Given the report by Brian Krebs, there is new interest and attention in this matter, and we want to give our community more information.

At the outset, please note that nothing has changed regarding our analysis of customer data and the security of our products since our announcement on January 11th. the attacker was excluded from our systems.

These experts did not identify any evidence that was accessed, or even directed, at customer information. The attacker, who unsuccessfully tried to force the company by threatening to release source code and release specific IT references, never claimed to have access to customer information. This, along with other evidence, is why we believe that customer data was not the object of, or otherwise accessed in connection with, the incident.

At this point, we have well-developed evidence that the perpetrator is an individual with complex knowledge of our cloud infrastructure. Because we are collaborating with law enforcement in an ongoing investigation, we are unable to comment further.

That being said, as a precaution, we still encourage you to change your password if you have not already done so, including on any website where you use the same user ID or password. We also encourage you to enable two-factor authentication on your Ubiquiti accounts if you have not already done so. »


watson contacted Ubiquiti for comment on the allegations made by The Verge. An answer awaits.

What can Ubiquiti customers do?

Buyers or users of Ubiquiti hardware have already been asked by the company to change the password for online access. They must also enable two-factor authentication to prevent unauthorized third-party access.

That being said, customers can only wait and see if more information about the incident is leaked. If the criminal attackers sell or publish customer data on the internet, this will probably become known sooner or later.


Thanks for the ♥

Do you want to support Watson and journalism? Learn more

(You will be forwarded to complete the payment)


15 CHF

25 CHF


The worst computer attacks ever

This iPhone bug is ingeniously practical

You may also be interested in:

Sign up for our newsletter

When onion or garlic sprouts: edible or poisonous?

It is known that the shoots and germination sites of potatoes are poisonous: Eating them can cause intestinal problems. Sprouted onions and garlic cloves also often end up in the trash. Is that a prudent precaution or a waste of food?

There are many healthy nutrients in onions and garlic. For example, some help lower blood pressure and prevent heart attacks and strokes. This applies not only to the bulbous part of the onion vegetable, but also to the growing green.

Unlike sprouting potatoes, no harmful substances accumulate in the green shoots of onions and garlic. And the bulbous part of the onion vegetable is not poisonous to germs. In plain language: With …

Link to the article

Source link