AnonSec group hackers hacked Nasa and have released a 250GB data dump. They also revealed they tried to bring down a $222m Global Hawk Drone into the Pacific Ocean. Along with hundreds of flight videos and thousands of flight logs, the data dump included phone numbers and email addresses for 2,414 NASA employees, as well as a self-published paper (known as a “zine”) from the group explaining the extensive technical vulnerabilities that the hackers were able to breach.
“So yeah, we know what you’re thinking, hacking NASA? How fucking cliche… If only I had a Dogecoin for every time someone claimed that, amiright?” the group wrote in an online posting.
Access was made easier by poor password security. In a scan for accounts using the login and password “root,” the first positive hit came up within 0.32 seconds, and linking these enabled them to build a network map of NASA subsystems. By this AnonSec managed to infiltrate the networks at the Glenn Research Center, Goddard Space Flight Center and Dryden Flight Research Center, and were able to gain full root access to three network-attached storage (NAS) devices that were compiling back-ups of aircraft flight logs.
A screenshot from the hackers shows their intended flight path, which they say was cut short after drone pilots on the ground likely noticed the aircraft’s unusual behavior, forcing NASA to restore manual control.
Over several months, the hackers continued to map Nasa’s internal network, discovering details to a wide range of public and private missions, airbases and aircraft, including information and video footage relating to the Global Hawk drones and Operation Ice Bridge polar ice research mission in 2012 and 2013, according to ibtimes. As AnonSec readily admitted, no Global Hawk crashed into the Pacific. NASA took over manual control of the drone when officials realized it had gone on an odd course.
“Several members were in disagreement on this because if it worked, we would be labelled terrorists for possibly crashing a $222.7m US drone… but we continued anyways lol,” AnonSec wrote in its zine.
Latest posts by Unallocated Author (see all)
- The Myth Of Coding Bootcamp Job Guarantees - August 9, 2019
- Wifi Pumpkin – WiFi MITM Attack and Audit Framework - August 9, 2019
- TheFatRat – A Convenient Exploitation Tool - August 7, 2019