{"id":291992,"date":"2019-01-14T11:24:48","date_gmt":"2019-01-14T09:24:48","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=291992"},"modified":"2019-01-14T12:33:53","modified_gmt":"2019-01-14T10:33:53","slug":"temporary-network-route-let-user-access-rain-data-centre-camera","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/291992-temporary-network-route-let-user-access-rain-data-centre-camera.html","title":{"rendered":"Temporary network route let user access Rain data centre camera"},"content":{"rendered":"<p>MyBroadband forum members <a href=\"https:\/\/mybroadband.co.za\/forum\/threads\/anyone-notice-pages-on-the-172-16-0-x-range.1000348\/#post-22742768\" target=\"_blank\" rel=\"noopener\"><strong>recently discovered<\/strong><\/a> an\u00a0exposed route on Rain&#8217;s network following a report of an abnormal SIM set-up by a Rain user.<\/p>\n<p>A forum member stated that when setting up a friend&#8217;s router using a Rain Mobile SIM, he was presented with two login pages.<\/p>\n<p>Both pages had\u00a0172.16.0.x addresses and displayed the following:<\/p>\n<ul>\n<li>Juniper Web Device Manager login page.<\/li>\n<li>Network Camera Real-Time Monitoring System login page.<\/li>\n<\/ul>\n<p>Following his post, several forum members attempted to access the login pages using their Rain connections.<\/p>\n<p>They stated that the first page appeared to be for a switch on the Rain network, which &#8220;should be hidden behind a firewall&#8221;.<\/p>\n<p>The second page was a login page for a networked camera, which could reportedly be accessed using default login credentials.<\/p>\n<p>After it was accessed, a screenshot of the camera feed was posted which showed what appears to be a portion of a data centre &#8211; a cage with server racks in it.<\/p>\n<p><a  data-lightbox=\"post-image\" href=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2019\/01\/Rain-Image.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-292026 size-large\" src=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2019\/01\/Rain-Image-640x365.jpg\" alt=\"Rain\" width=\"640\" height=\"365\" srcset=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2019\/01\/Rain-Image-640x365.jpg 640w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2019\/01\/Rain-Image-600x342.jpg 600w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2019\/01\/Rain-Image-768x438.jpg 768w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2019\/01\/Rain-Image.jpg 800w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<h3 class=\"my-4\">Temporary network route<\/h3>\n<p>MyBroadband contacted Rain about the issue, and the company responded immediately thanking us for the information. Shortly after this, Rain informed us the issue had been fixed.<\/p>\n<p>Rain CEO Willem Roos stated that they recently moved offices and\u00a0rationalised their data centres, which required the\u00a0creation of a temporary network route.<\/p>\n<p>&#8220;Our team unfortunately erred in not removing the route once the project was complete,&#8221; said Roos.<\/p>\n<p>Roos said it must be emphasised that no sensitive data was accessible via the route and no data breach occurred. He added that:<\/p>\n<ul>\n<li>The route could only be accessed from the Rain network and not the open Internet.<\/li>\n<li>Access could only be gained to the small dedicated camera network inside the data centre.<\/li>\n<li>Rain\u2019s core systems and, in particular, any customer data could not be accessed via this route. As such no data breach occurred.<\/li>\n<\/ul>\n<p>&#8220;This is certainly an error on our part, and we have improved our processes to minimise the chances of a recurrence.&#8221;<\/p>\n<h3 class=\"my-4\">Now read:\u00a0<a href=\"https:\/\/mybroadband.co.za\/news\/security\/291870-whatsapp-bug-could-expose-all-your-messages.html\" rel=\"bookmark\">WhatsApp bug could expose all your messages<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>MyBroadband forum members recently discovered an\u00a0exposed route on Rain&#8217;s network following a report of an abnormal SIM set-up by a Rain user.<\/p>\n","protected":false},"author":23,"featured_media":263471,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[35,43716,46607,463,46832],"class_list":["post-291992","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-headline","tag-rain","tag-rain-mobile","tag-security-2","tag-willem-roos"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/291992"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=291992"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/291992\/revisions"}],"predecessor-version":[{"id":292008,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/291992\/revisions\/292008"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/263471"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=291992"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=291992"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=291992"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}