Security News > 2023 > February > Datacenters in China, Singapore, cracked by crims who then targeted tenants
Criminals have targeted datacenter operators in Singapore and China, tapping into their CCTV cameras, accessing their tenant lists and then attacking those customers.
That lateral movement included accessing a list of the datacenter operator's CCTV cameras "With associated video stream identifiers used to monitor datacenter environments, as well as credential information related to operators and customers."
The attackers also tried to tap into the remote hands service offered by the datacenter operators - services that see datacenter staff perform physical and software maintenance of tenants' kit.
"The actor was able to compromise one of the internal email accounts used to register visitors - which could then be used for cyber espionage or other malicious purposes" because "Information about visitors may disclose important information about the exact staff responsible for datacenter operations from the client side."
The vendor has reported this incident to CSA SingCERT. Resecurity also detected action against a US-based organization it says operates in the "Carrier neutral datacenter field" and which "Was a client of one of the previously impacted datacenters abroad.".
Datacenter operators certainly present a similarly tempting target.