Cybersecurity Update

Throughout June, two major technology companies experienced cybersecurity issues. These incidents have since been solved, but we recommend ensuring that you were not affected by either TeamViewer’s corporate breach, or the security weakness in some of Apple’s most popular devices.

AirPods Weakness

Apple, one of the world’s leading technology companies, reported a potential security weakness that allowed their widely used headphone range to be hacked into.

The incident occurred due to an authentication issue that affected AirPods 2nd Generation and later, AirPods Pro (all models), AirPods Max and Beats Fit Pro. To help solve this problem, Apple has released a new firmware update; to check which firmware version your device has installed, visit Settings – Bluetooth – click on the info button next to your earbuds/headphones.

Apple provided an explanation of what exactly the hack entailed in their statement; “When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.” This meant that an attacker in physical proximity to the user could have exploited the authentication issue and listened in on private conversations.

The risk of being attacked while the issue was present was quite small, as adversaries needed to be able to correctly spoof your intended device, as well as being in a range of just a few meters. Beyond this, the attackers would have only had access to the audio coming from the victim’s device.

If you are concerned about your privacy regarding this issue, we recommend contacting Apple directly, as they will be able to provide the best advice.

TeamViewer Breach

TeamViewer, the remote access software giant, experienced a cybersecurity breach that compromised their internal corporate IT systems. The company and their cybersecurity partners believe the attack was carried out by an Advanced Persistent Threat Group (ATP Group) that may be connected to Russian Foreign Intelligence Services. The “Midnight Blizzard” attackers held compromised employee account credentials, which allowed them to access TeamViewer’s corporate systems.

TeamViewer were able to detect the breach quickly, but the company may take time to recover from the data lost in the attack. They have assured customers that their internal systems are entirely separate from their product’s IT systems, meaning customers should not have been affected by the incident. However, if you experience any issues regarding your products, make sure you contact TeamViewer directly to advise them of any problems.