Was British Airways Hacked? | Myki Security Report

It's Episode 4 of the Myki Security Report and here's the latest in Cyber Security & Hacking news:

  • Was British Airways Hacked?
  • The Nigerian Dating Scam
  • Galaxy S8 Iris Scanner Hacked!
  • Movie Subtitle Files Can Hack your Computer

Was British Airways Hacked?

On Saturday morning British Airways experienced a major IT failure that saw systems crash and caused travel chaos at Heathrow and Gatwick - the UK’s two largest airports.

The crash affected the airline’s operational systems including the booking system, baggage handling, mobile apps and check-in desks, leaving passengers in long queues, confusion and delays while planes were held on runways.

Passengers trying to travel on Bank Holiday weekend were left stranded, and because the airline could not bring up flyers' details they could not even transfer them to other flights.

Given that the WannaCry ransomware attack happened just a few weeks ago, there was immediate speculation that BA’s IT systems had been hacked! But in a statement BA made, they said: “We’ve found no evidence that it’s a cyber-attack.”

The British trade union said the airline’s decision to outsource hundreds of IT jobs to India’s Tata Consultancy Services last year was behind the problem. BA denied the claim, responding: “We would never compromise the integrity and security of our IT systems."

BA's CEO Alex Cruz blamed the IT meltdown on a “Power supply issue” but Bill Curtis, senior vice-president at IT analytics firm CAST, questioned why a back-up system had not kicked in and claimed that “[the back-up system] should have been on a different power supply with a replicated database. so Ba would have lost a few transactions but not the entire operation of the airline".

On Sunday Cruz released a statement saying that the airports now nearly fully operational.

It was hard for us to believe that BA was brought down by a single point of failure, one server crashing with no backup ready to take over in time.

Is it possible that a company of this magnitude was brought down by a “Power outage”?

that’s what led experts to believe at first that it might have been a Cyber attack. Let’s not forget that those BA servers contain passport copies and credit card information of almost all of the developed world, who hasn’t gotten a ticket from BA before?!

I wonder if the cost in savings in outsourcing IT still out paced the cost in damages this created as passengers have rights under EU law to claim compensation for delayed or cancelled flights ranging between €250 - €600 per customer, and with at least 75,000 people affected. The compensation amount BA would have to pay could range between €18,000,000 to €45,000,0000!

The compensation amount BA would have to pay could range between €18,000,000 to €45,000,0000!!!

I think the story will come to light if and when we start seeing credit card fraud, because that would mean that someone got access to payment information and took advantage of it, making it in fact a hack!

Nigerian Dating Scam:

You may have heard of the crazy Nigerian scams like: “A Nigerian prince needs your money”, “You have just won the Nigerian Lottery”, "A Nigerian astronaut has been trapped in space for the past 25 years and needs $3 million to get back to Earth."

Apparently Nigerians are also good at promising true love, and those looking it have lost tens of millions of dollars over the Nigerian dating scams.

A US federal district court in Mississippi has sentenced three Nigerian scammers to a collective 235 years in prison for their roles in a large-scale international scam.

The three Nigerian nationals are part of a 21-member gang of Cyber criminals that used a false identity to lure their love-struck ‘girlfriends' on dating websites

The Cyber criminals used a false identity to lure their love-struck ‘girlfriends' on a dating websites

to establish a romantic relationship, and get them to wire money and even send them gadgets which they then sell for profit. Love hurts.

Galaxy S8 Iris Scanner Hacked!

Here's what you need to hack into a Galaxy S8: a camera, a printer, and a contact lens.

Samsung recently launched its new flagship smartphone, and German hacking group called the Chaos Computer Club (CCC) has bypassed its iris scanner!

  1. They used the night mode setting on the camera and captured a photo of the subject from a few meters away.
  2. Printed out a real-life sized infrared image of one eye using a printer.
  3. Placed a contact lens on the top of the printed picture to provide some depth.

The S8 instantly recognized the photo as being a "real" human eye and unlocked the phone, giving hackers full access to the phone, including Samsung Pay!

The S8 instantly recognized the photo as being a "real" human eye

Funny enough, Samsung’s official website reads: "The patterns in your irises are unique to you and are virtually impossible to replicate, meaning iris authentication is one of the safest ways to keep your phone locked and the contents private."

Samsung has since released a statement ensuring customers that they will respond as quickly as possible to resolve it. We will see ;)

Movie Subtitle Files Can Hack Your Computer!

Did you know that a little subtitle file with malicious code inserted into it could hand over full control of your device to a hacker, while you enjoy your movie!

A team of researchers at CheckPoint have discovered vulnerabilities in four of the most popular media player applications: VLC, Kodi, Popcorn Time and Stremio - The media players can be exploited by hackers to hijack your PC, smart TV, and even your mobile phone. This could put hundreds of millions of users at risk of getting hacked.

CheckPoint has already informed the developers of the media players affected about the recently discovered vulnerabilities and three out of the four have released patched versions of their software. The Kodi update will arrive later this week. Make Update your media players as soon as possible!


Catch Episode 3 and subscribe to our YouTube Channel for more videos!

The Myki Security Report is brought to you by the Myki Password Manager Team.

Download the Myki Password Manager & Authenticator on Android and iPhone