Belcan, a US government defense contractor, left a dashboard containing credentials exposed to the public. According to the Cybernews research team, the oversight could have enabled a serious supply-chain attack.
Belcan provides design, IT and engineering solutions to US government agencies. The company, which reported $950 million in revenue in 2022, is a trusted partner of 40 federal agencies.
On May 15, the Cybernews research team discovered an exposed Kibana instance containing sensitive information about Belcan, its employees and its internal infrastructure. Kibana is the visualization dashboard for Elasticsearch, a search and analytics engine; together these systems help enterprises work with large volumes of data.
Although the leak shows Belcan's commitment to security, since the company had commissioned penetration tests and audits, attackers could have exploited the oversight: the results of those tests were left open alongside administrator credentials whose passwords were hashed with bcrypt.
The Belcan data exposed in the open Kibana instance included:
- Administrator email addresses;
- Administrator usernames;
- Administrator passwords (as bcrypt hashes);
- Administrator roles (the organizations to which they are assigned);
- Internal network addresses;
- Hostnames and IP addresses of internal infrastructure;
- Vulnerabilities in the internal infrastructure and the actions taken to remediate them.
Bcrypt is a secure password-hashing algorithm that adds a layer of protection against attackers. However, the hashes can still be cracked offline, with weak or reused passwords falling first, and the other exposed credentials could be used in phishing attacks to gain access to sensitive information held by government agencies and defense contractors.
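To make the "hashes can still be cracked" point concrete, the following Python script is an added example written for this article; it is not code from Cybernews or Belcan. It parses a bcrypt string to read its cost factor, estimates how long an offline dictionary attack takes at that cost, and runs a dictionary attack through a pluggable verifier. The sample hash is constructed for illustration (not taken from the leak, plaintext unknown), and the cracker throughput figure is an assumed input that you should replace with your own benchmark.

```python
"""Triage a leaked bcrypt hash: parse the modular-crypt string, read its cost
factor, estimate offline cracking time, and run a dictionary attack with a
pluggable verifier.

Added example for this article. The hash below is constructed for
illustration; it is not from the Belcan data and its plaintext is unknown.
"""
import re
import time
from dataclasses import dataclass
from typing import Callable, Iterable, Optional

# Constructed sample in the format the leaked admin passwords were stored in.
LEAKED_HASH = "$2b$12$R9h/cIPz0gi.URNNX3kh2OPST9/PgBkqquzi.Ss7KIUgO2t0jWMUW"

# $<variant>$<cost>$<22-char salt><31-char digest>, both in bcrypt's own
# base64 alphabet ("./A-Za-z0-9"), which is not the RFC 4648 one.
_BCRYPT_RE = re.compile(
    r"^\$(?P<variant>2[abxy])\$(?P<cost>\d{2})\$"
    r"(?P<salt>[./A-Za-z0-9]{22})(?P<digest>[./A-Za-z0-9]{31})$"
)


@dataclass(frozen=True)
class BcryptHash:
    variant: str
    cost: int
    salt: str
    digest: str

    @property
    def rounds(self) -> int:
        # The expensive key setup runs 2**cost times; each +1 doubles the work.
        return 1 << self.cost


def parse_bcrypt(s: str) -> BcryptHash:
    """Validate and split a bcrypt string; raise ValueError on anything else."""
    m = _BCRYPT_RE.match(s)
    if not m:
        raise ValueError("not a bcrypt modular-crypt string")
    cost = int(m["cost"])
    if not 4 <= cost <= 31:
        raise ValueError(f"cost {cost} outside bcrypt's 4..31 range")
    return BcryptHash(m["variant"], cost, m["salt"], m["digest"])


def estimate_crack_seconds(cost: int, dictionary_size: int,
                           hashes_per_sec_at_cost_5: float) -> float:
    """Seconds to try every word once, given a measured rate at cost 5.

    The rate is an input, not a fact about any hardware: benchmark your own
    cracker at cost 5 and pass the figure in. Work doubles per cost step.
    """
    rate = hashes_per_sec_at_cost_5 / (1 << (cost - 5))
    return dictionary_size / rate


def dictionary_attack(target: str, candidates: Iterable[str],
                      verify: Callable[[str, str], bool],
                      max_seconds: Optional[float] = None) -> Optional[str]:
    """Return the first candidate accepted by verify(), or None.

    Offline attackers have all the time they want; the optional budget exists
    so a defender's own weak-password check finishes in bounded time.
    """
    start = time.monotonic()
    for pw in candidates:
        if verify(pw, target):
            return pw
        if max_seconds is not None and time.monotonic() - start > max_seconds:
            break
    return None


if __name__ == "__main__":
    h = parse_bcrypt(LEAKED_HASH)
    print(f"variant={h.variant} cost={h.cost} rounds={h.rounds}")
    # Assumed cracker throughput at cost 5; replace with your own measurement.
    secs = estimate_crack_seconds(h.cost, 1_000_000, 100_000)
    print(f"1M-word dictionary at cost {h.cost}: ~{secs / 3600:.1f} h per hash")

    try:
        import bcrypt  # third-party package; only the demo below needs it
    except ImportError:
        bcrypt = None
    if bcrypt is not None:
        # Weak password at a low cost so the demo finishes quickly.
        target = bcrypt.hashpw(b"Welcome1", bcrypt.gensalt(rounds=5)).decode()
        hit = dictionary_attack(
            target, ["123456", "password", "Welcome1"],
            lambda pw, t: bcrypt.checkpw(pw.encode(), t.encode()),
        )
        print("cracked:", hit)
```

The parsing and estimate need only the standard library; the live cracking demo at the end runs only if the third-party `bcrypt` package is installed. The takeaway for an incident like this one is that a cost factor of 12 buys time, not immunity: a strong password stays out of reach, but a password that appears in a common wordlist is recovered in hours, so leaked bcrypt hashes still call for rotating the affected credentials.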
Such information is valuable for industrial espionage, for obtaining classified military information, or for disrupting the operation of government institutions. Belcan's clients in the United States are particularly exposed, so a successful attack would be a concern for American citizens and civil servants alike.
The source of the leak appears to have been a Belcan security tool used to scan its infrastructure for vulnerabilities. Access to such tools should be well