Hacker opens 2,732 PickPoint package lockers across Moscow
December 2020 by Marc Jacob
This morning that Hacker opens 2,732 PickPoint package lockers across Moscow:, A mysterious hacker used a cyber-attack to force-open the doors of 2,732 package delivery lockers across Moscow.The attack, which took place on Friday afternoon, December 4, targeted the network of PickPoint, a local delivery service that maintains a network of more than 8,000 package lockers across Moscow and Saint Petersburg. The comment from Michel Ferreira Security Consultant with A&O IT Group:
The recent attack against the Russian company PickPoint’s package delivery lockers across Moscow show that cyber threats are present in all aspects of everyday life, including in places most people do not normally consider. The details of exactly how the hack took place have not been made available by PickPoint, but it does raise the question of how other similar systems across the world (like those operated by Amazon) may be vulnerable. In this instance, the hacker managed to open more than two thousand lockers to demonstrate the vulnerability. This caused PickPoint to quickly notice the attack and take measures to mitigate it. A more targeted attack, however, could affect only a few of these lockers at a time, making it difficult for companies to pinpoint the cause. This latest hack also highlights the recurring discussion of convenience versus security. It is always a good idea to consider whether one actually needs a specific service or appliance connected to the Internet. In this case, package delivery lockers probably wouldn’t need to be directly accessible online, and any connections should ideally only be reached with some sort of VPN or only by authorised IP addresses, for example. With more and more household appliances being connected to the Internet each day, the attack surface grows at the same rate, and the chances increase that malicious actors will find ways to exploit vulnerabilities before these are patched. It is, therefore, more important than ever that the security of any devices connected to the Internet is extensively assessed. It is also important to remember that new vulnerabilities are discovered daily and so security monitoring and assessment should be ongoing. Decreasing the attack surface available is then a very important step to take.