Hackers Attack Al Jazeera and Find Ways into Subaru's Connected Car App

The National Security Agency wasn't the only one dealing with leaks last week. Here's a roundup of cyber incidents from Nextgov's Threatwatch.

Al Jazeera Media Under 'Systematic and Continual' Cyberattack

Al Jazeera Media Network platforms remain operational despite “undergoing systematic and continual hacking attempts,” the company said Thursday.

The network said the attacks on its various web and digital platforms vary in form and intensity, but so far haven’t been compromised.

The incident follows a June 5 decision of Saudi Arabia, the United Arab Emirates, Bahrain and Egypt to cut diplomatic ties with Qatar because of alleged ties to extremist groups and too cozy relationship with Iran.

It's the second Qatar-based media company to report attacks in recent weeks. Qatar News Agency on May 24 reported hackers posted fabricated quotes attributed to Emir Tamim bin Hamad Al Thani widely reported across the region. The FBI, who helped with the investigation of QNA, attributed the attack to Russian “freelancers,” hired hackers paid by people or another nation, The Guardian reported.    

The diplomatic crisis could impact the U.S. military's largest base in the region, Al Udeid Air Base in Qatar.

Researcher Finds Ways in Subaru's Connected Car Tech

Over a few days, a security researcher unearthed at least eight vulnerabilities in mobile apps for Subaru’s connected car technology that allow an attacker to check a car’s location, as well as unlock doors and honk horns.

Aaron Guzman hacked his own 2017 Subaru WRX STI and found multiple flaws in Subaru Starlink’s authentication practices, Data Breach Daily reported.

The Starlink system connects vehicles to mobile devices, so drivers can get alerts about maintenance, security or use remote features. Starlink also allows for hands-free use of mobile devices through a Bluetooth connection and access to multimedia entertainment apps.

Guzman found the app’s servers use authentication tokens that don’t expire and are sent over a URL in plain text. An attacker would have to grab the token to access an account, which isn’t the easiest attack, according the report, but possible if a victim clicked a malicious link or was targeted with a man-in-the-middle attack. A better practice is to have authentication tokens expire.

These vulnerabilities didn’t allow for an attacker to accelerate or brake the car, but one could review the vehicle’s use. Subaru has since fixed “most” of the flaws, according to the report.