AnonSec hacking group released over 276GB of data alleging to have spent months inside NASA's internal network. The data pile includes 631 videos from the aircraft and weather radars, 2,143 flight logs and the names, email addresses and phone numbers of 2,414 NASA employees.
AnonSec claims to have infiltrated NASA:
AnonSec, affiliated with the Anonymous hacking group, alleged to have hijacked one of the NASA's drones. Hacking Global Hawk drone, specialized in high-altitude, long-duration data collection, the group tried to gain control over the drone by re-routing the flight path using man-in-the-middle (MitM) attack. AnonSec claimed to have spent months inside NASA's internal network and leaked over 276GB of data this Sunday.
A self-published paper (zine) details the hack, dubbed as OpNASADrones. The paper reveals that AnonSec "purchased" the initial foothold from a hacker with knowledge of NASA's servers in 2013. While it started "for the thrill of hacking NASA," the group decided to look around more when they "stumbled upon a couple Flight Research Centers.” AnonSec decided to keep looking to find technical vulnerabilities and to experiment how many computer they could break into and hijack.
According to these details, it was fairly easy as the admin credentials for controlling NASA computers and servers remotely were left to default. Yikes. Which means hackers were able to get into the network with no major efforts whatsoever. After this they grabbed more login data using a hidden packet sniffer and continued to map NASA's internet network, discovering details of public and private missions, aircrafts and details of the Global Hawk drones and Operation Ice Bridge research mission in 2012 and 2013.
After managing to infiltrate the networks, the hackers were able to gain full root access of the three network-attack storage (NAS) devices from which they managed to send a copy of all the flight logs to their own servers outside of NASA's network. Using this data, AnonSec was able to change the route pre-planned for a Global Hawk drone.
Realizing they could manage to send the drone wherever they wanted to, the group intended to crash the drone in the Pacific Ocean. "Several members were in disagreement on this because if it worked, we would be labelled terrorists for possibly crashing a $222.7m US drone... but we continued anyways lol," zine reveals.
While they did manage to re-route the drone, according to reports NASA engineers manually took over after a security penetration warning, saving the agency's drone worth over $222.7 million.
NASA says drone "was not compromised":
NASA has come to the front today denying AnonSec's claims of having hacked one of the space agency's drones. The agency says that it believes that the data pile that the hacker group claims to have obtained after months long penetration of the NASA network seems to be already available in public. In a statement to Forbes, NASA said:
Control of our Global Hawk aircraft was not compromised. NASA has no evidence to indicate the alleged hacked data are anything other than already publicly available data. NASA takes cybersecurity very seriously and will continue to fully investigate all of these allegations.
This is not the first time that NASA has been breached. One of the most famous hacking attempts included a breach when Brit Gary McKinnon tried to infiltrate the network to find information on UFOs. Giving a positive perspective to this hacking attempt, AnonSec says that they infiltrated the space agency's network to bring awareness to how the agency was involved in manipulating the climate:
One of the main purposes of the Operation was to bring awareness to the reality of Chemtrails/CloudSeeding/Geoengineering/WeatherModification, whatever you want to call it, they all represent the same thing. NASA even has several missions dedicated to studying Aerosols [sic] and their effects on the environment and weather, so we targeted their systems.
