Ubiquiti Networks Responds To Krebs On Security Whistleblower Story…. Badly….

Yesterday I brought you a story about a whistleblower who alleged via Krebs On Security that Ubiquiti Networks had “massively downplayed” a major security incident a few months ago. This clearly didn’t sit well with Ubiquiti Networks, which put out a statement via its community forums. Here is the statement in full:

As we informed you on January 11, we were the victim of a cybersecurity incident that involved unauthorized access to our IT systems. Given the reporting by Brian Krebs, there is newfound interest and attention in this matter, and we would like to provide our community with more information.

At the outset, please note that nothing has changed with respect to our analysis of customer data and the security of our products since our notification on January 11. In response to this incident, we leveraged external incident response experts to conduct a thorough investigation to ensure the attacker was locked out of our systems.  

These experts identified no evidence that customer information was accessed, or even targeted. The attacker, who unsuccessfully attempted to extort the company by threatening to release stolen source code and specific IT credentials, never claimed to have accessed any customer information. This, along with other evidence, is why we believe that customer data was not the target of, or otherwise accessed in connection with, the incident.

At this point, we have well-developed evidence that the perpetrator is an individual with intricate knowledge of our cloud infrastructure. As we are cooperating with law enforcement in an ongoing investigation, we cannot comment further.

All this said, as a precaution, we still encourage you to change your password if you have not already done so, including on any website where you use the same user ID or password. We also encourage you to enable two-factor authentication on your Ubiquiti accounts if you have not already done so.

Thanks,

Team UI

Brian Krebs almost immediately posted this to Twitter:

In short, I get that Ubiquiti Networks had to say something after the Krebs On Security story dropped, and that they have to spin this in a way that says that there’s nothing to see here. But the fact is that their statement does little if anything to accomplish that. Plus I, along with many others, would rather trust Brian Krebs’s view of this, as he’s got a superior track record of reporting on stuff like this: by the time he publishes a story, he’s checked his facts six ways from Sunday. So if I were a customer of Ubiquiti Networks, I would still be very worried, as clearly this company is still in PR mode rather than trying to protect their customers by giving them ALL the information that they need to secure their networks from a possible attack.
