A number of critical vulnerabilities have been found in the supporting infrastructure of specialized software LIS-M purchased by the Ukrainian patrol police.
Some months ago, hacktivists of the Ukrainian Cyber Alliance with the help of Kir Vaznitcky found holes in the servers of the company that had developed software for the police (LLC “S.І.T. CENTER “WEB CONTINENT”), and reported them to the security and law enforcement agencies. However, there has been no response. Now the resources of this company have been hacked by unknown hackers. The revealed vulnerabilities allowed them (!) to break the entire specialized LIS-M system to the ground and to receive full access to patrol police official information.
The website of the S.І.T. CENTER “WEB CONTINENT,” is currently not working. Until 2014, the website of the travel agency was located at this address. Then, some time ago, the website of the S.I.T. CENTER “WEB CONTINENT” appeared. The company is developing special software for the police and other agencies. It turned out to be the only supplier and won tenders for supplying LIS-M for the patrol police.
Therefore, mass hacking, subsequent theft of information from tablets “Patrol Police of Ukraine” used to exchange operational information and respond to calls, and then – a service denial attack look like a very real scenario, which either has already been partially implemented (likely) or will be implemented soon.