Skip to main content

Vietnamese hacker breaks into airport system, finds his way to prison

hacker
Hacking takes all kinds of forms, and sometimes it’s not personal data that’s at risk but rather sensitive commercial or government data that’s the target. That’s particularly true for companies and agencies that run important public services such as transportation, where information like security protocols could be valuable to certain nefarious parties. That’s what makes the theft of sensitive information from Australia’s Perth Airport so scary, and the arrest of the guilty hacker so encouraging.

According to Hot For Security, 31-year-old Le Duc Hoang Hai, a Vietnamese citizen, hacked into the airport’s systems and stole building plans and security information. His method wasn’t particularly technical, rather a byproduct of agencies using third-party contractors. Hai used a contractor’s login credentials to access the information rather than leveraging some complicated network vulnerability, and it’s not clear how he gained access to those credentials.

Related Videos

The good news is that Hai did not access any personal information, such as credit card data, and there is no evidence that he was able to sell the data prior to being arrested. In addition, there was no immediate risk to travelers from the hack according to The West Australian. Kevin Brown, the Perth airport’s chief executive, responded to queries, saying, “We completed a full and thorough risk assessment of the data that had been accessed to ensure there had been no threat to the safety of the traveling public. At no time was the safety or security of the airport, its staff, passengers or partners compromised.”

As Hot For Security points out, the use of contractors can be problematic simply because they may not be held to the same strict security standards as employees. Therefore, additional security measures such as two-factor authentication should be implemented to help keep networks protected no matter who is logging in.

This isn’t the first time that Hai has been guilty of illicit hacking. He is suspected of breaking into other organizations in his home country, such as banks, telecommunications companies, and even a military newspaper website. He was sentenced to four years in prison for this particular crime, however.

Editors' Recommendations

Experts fear ChatGPT will soon be used in devastating cyberattacks
The ChatGPT name next to an OpenAI logo on a black and white background.

ChatGPT has taken the world by storm in recent months, but just as it has amazed people with its technical capabilities, concerns have also been raised over its potential misuse. Now, it seems some IT leaders are worried it will soon be used in major cyberattacks, with the potential to cause devastation in the future.

In a survey of 1,500 IT and cybersecurity professionals conducted by BlackBerry, 51% of respondents believed that ChatGPT will be responsible for a successful cyberattack in the next 12 months. As much as 78% feel that attack will happen within two years, while a handful think it could happen within the next few months.

Read more
This huge password manager exploit may never get fixed
A large monitor displaying a security hacking breach warning.

It’s been a bad few months for password managers -- albeit mostly just for LastPass. But after the revelations that LastPass had suffered a major breach, attention is now turning to open-source manager KeePass.

Accusations have been flying that a new vulnerability allows hackers to surreptitiously steal a user’s entire password database in unencrypted plaintext. That’s an incredibly serious claim, but KeePass’s developers are disputing it.

Read more
Hack involved the data of a nation’s entire population
A depiction of a hacker breaking into a system via the use of code.

Hackers are well known to nab customer data held by companies, but obtaining the personal data of pretty much all of the residents of a single nation in one fell swoop takes the nefarious practice to a whole new level.

The remarkable feat was allegedly performed by a 25-year-old Dutch hacker who, when arrested by police, had in his possession personal data linked to pretty much every resident of Austria -- about nine million people.

Read more