Maker of US border's license-plate scanning tech ransacked by hacker, blueprints and files dumped online
Perceptics confirms intrusion and theft, stays quiet on details
Exclusive The maker of vehicle license plate readers used extensively by the US government and cities to identify and track citizens and immigrants has been hacked. Its internal files were pilfered, and are presently being offered for free on the dark web to download.
Tennessee-based Perceptics prides itself as "the sole provider of stationary LPRs [license plate readers] installed at all land border crossing lanes for POV [privately owned vehicle] traffic in the United States, Canada, and for the most critical lanes in Mexico."
In fact, Perceptics recently announced, in a pact with Unisys Federal Systems, it had landed "a key contract by US Customs and Border Protection to replace existing LPR technology, and to install Perceptics next generation License Plate Readers (LPRs) at 43 US Border Patrol check point lanes in Texas, New Mexico, Arizona, and California."
On Thursday this week, however, an individual using the pseudonym "Boris Bullet-Dodger" contacted The Register, alerting us to the hack, and provided a list of files exfiltrated from Perceptics' corporate network as proof. We're assuming this is the same "Boris" involved in the CityComp hack last month. Boris declined to answer our questions.
The file names and accompanying directories – numbering almost 65,000 – fit with the focus of the surveillance technology biz. They include .xlsx files named for locations and zip codes, .jpg files with names that refer to "driver" and "scene," .docx files associated with presumed government clients like ICE, and date-and-time stamped .jpgs and .mp4 files.
And there many other types of files: .htm, .html, .txt, .doc, .asp, .tdb, .mdb, .json, .rtf, .xls, and .tif among others. Many of the image files, we're guessing, are license plate captures.
The files also include .mp3 files, presumably from someone's desktop or laptop PC. Among the songs: Superstition, by Stevie Wonder, and Wannabe by Spice Girls, and a variety of AC/DC and Cat Stevens songs.
Extortionist hacks IT provider used by the stars of tech and big biz, leaks customer info after ransom goes unpaidREAD MORE
The stolen files amount to hundreds of gigabytes and include Microsoft Exchange and Access databases, ERP databases, HR records, Microsoft SQL Server data stores, and so on. This information, which includes business plans, blueprints, data sheets, internal designs, financial figures, and personal information, is presently available in multiple .rar files on the dark web.
The nature of the company's business – border security data acquisition, commercial vehicle inspection, electronic toll collection and roadway monitoring – means that it's likely to have a significant amount of sensitive information.
A spokesperson for Perceptics, reached by phone, confirmed that the company was aware that its network had been compromised. She said the biz is working with authorities to investigate, but declined to go into further detail.
With the CityComp hack, stolen files were released because a ransom was not paid; we have yet to determine whether a ransom was sought for the Perceptics files.
At the time of writing, the company's website redirected to Google.com. As we were about to publish this piece, however, we noticed the site was once again functioning properly. It's likely to take longer still for the business to recover from this cyber-break-in. ®
- AdBlock Plus
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Microsoft 365
- Microsoft Office
- Microsoft Teams
- NSO Group
- Palo Alto Networks
- Software License
- Trusted Platform Module
- Visual Studio
- Visual Studio Code
- Web Browser
- Zero trust