Activist hacker group AnonSec has released a large trove of data it says was stolen from NASA servers, and detailed the way in which it nearly crashed a $222 million (£154m) Global Hawk drone into the Pacific Ocean.
The 250GB data cache includes the names, email addresses and telephone numbers of more than 2,400 NASA employees, more than 2,100 flight logs and 631 videos drawn from NASA aircraft and radar feeds.
The data theft and drone access took place over a period of several months, beginning in 2013, according to a report AnonSec released along with the data cache detailing its activities.
The group claims it first obtained access to NASA’s systems when it purchased a user login from a third-party hacker in 2013. The group found that administrator credentials for remotely controlling computers and servers had been left at default, allowing it to install a packet sniffer which in turn gathered more login data.
“People might find this lack of security surprising but it’s pretty standard from our experience,” AnonSec said in the report. “Once you get past the main lines of defence, it’s pretty much smooth sailing propagating through a network as long as you can maintain access.”
Gaining access to storage units at the Glenn Research Centre in Ohio, the Goddard Space Flight Centre in Maryland and the Dryden Flight Research Centre (now the Neil A. Armstrong Flight Research Centre) in California, AnonSec found that they contained pre-planned flight routes for drones, and uploaded an altered route intended to crash a drone into the Pacific.
“Several members were in disagreement on this because if it worked, we would be labelled terrorists for possibly crashing a $222.7m US drone… but we continued anyways lol,” the group said in the report.
The drone followed the altered route until the deviation was noticed by NASA controllers, who manually corrected the flight path, according to AnonSec. At this point NASA became aware of the security intrusion and cut off AnonSec’s access by changing passwords and patching vulnerabilities, the group said.
AnonSec claims it initially hacked NASA’s systems in the hope of discovering information about the agency’s alleged involvement in climate engineering methods, such as cloud seeding, that the group believes are harmful to human health.
The group, which is affiliated with the Anonymous hacker collective, claimed in 2014 that it had hacked an NSA drone and has claimed responsibility for hacking government systems in Israel, Indonesia and Turkey.
NASA did not immediately respond to a request for comment.
Last year British-Finnish activist Lauri Love was charged with hacking into NASA and other US federal agencies, with US authorities requesting his deportation. Others accused of hacking NASA include Gary McKinnon, a Scottish systems administrator, whose lengthy extradition proceedings to the US were finally withdrawn in 2012.
Like AnonSec, McKinnon claimed he had accessed NASA’s systems in order to search for secret records, in his case relating to UFOs and concealed alternative energy sources.
Are you a security pro? Try our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
View Comments
“Several members were in disagreement on this because if it worked, we would be labelled terrorists for possibly crashing a $222.7m US drone… but we continued anyways lol,”
With the stated intention to crash the drone, there is a terrorist element within AnonSec. Maybe those who don't want to be terrorists might roll on those who are. LOL.