The AnonSec hacker group released a 250GB data dump and claimed it tried to cause a Global Hawk Drone to crash in the Pacific Ocean, according to the International Business Times. The hackers gained flight logs, employee personal information and video footage from the $222 million drone.
The data dump included names, phone numbers and email addresses of 2,414 NASA employees, 631 videos from radar feeds and aircraft, and 2,143 flight logs. The dump also included a “zine,” a self-published paper, explaining the technical vulnerabilities the group was able to hack.
How They Did It
AnonSec stated that in 2013 it bought an “initial foothold” from a hacker who had knowledge of NASA servers, then started trying to find out how many computers they could break into and hijack. The administrator credentials for remotely controlling NASA computers and servers were left at default. Hence, it took the hackers no time to penetrate the network and get additional login data using a hidden packet sniffer.
The hackers mapped NASA’s internal network over several months, uncovering details of a wide range of private and public missions, aircraft and airbases. They uncovered video footage relating to Global Hawk drones as well as Operation Ice Bridge polar ice research mission in 2012 and 2013.
The videos show drones taking off on a NASA runway, in addition to aerial footage of big chunks of ice. Flight logs display GPS coordinates, sensor readings and aircraft models.
AnonSec said it infiltrated networks at the Goddard Space Flight Center, the Glenn Research Center and the Dryden Research Center. It was also able to gain full root access to three network-attack storage (NAS) devices gathering aircraft flight log back-ups.
The hackers then programmed the NAS devices to send a copy of all flight logs to their server which is outside the NASA network. In examining the flight logs, the hackers recognized the data included NASA Global Hawk drones’ pre-planned route files. When a drone mission took off, drone operators uploaded flight paths. Hence, the hackers knew they could replace the Global Hawk drone flight file which would cause the drone to deviate from its set flight path and do whatever the hackers wished.
AnonSec wrote that several of its members disagreed on this course of action out of concern for being called terrorists for possibly crashing a $222.7 million U.S. drone, but they continued along this path. The group included a screenshot of how they attempted to deviate the flight path to cause the Global Hawk to crash into the Pacific Ocean.
Ground Control Responds
The Ground Control drone operators noticed it deviated from its flight path and manually accessed it via satellite to redirect it from crashing, AnonSec noted.
NASA then realized the hacking and took measures to inspect its network. NASA changed passwords and patched the vulnerabilities, keeping the hackers out for good.
AnonSec wrote that NASA has been breached more than most people can remember and that the recent hack was not focused at first on drone data and upper atmosphere chemical samples. The original NASA breach was not even planned, “it was caught up in a gozi virus spread.”
AnonSec stated that people might find the poor security surprising, but based on the hackers’ experience, it is pretty standard. Once the main lines of defense are breached, propagating through the network is “pretty much smooth sailing” as long as access is maintained.
Also read: Watch the SpaceX Falcon 9 makes an almost-successful crash landing
Real Goal: Climate Change
AnonSec alerted Infowars, the home of the Alex Jones Internet radio news show, about the zine. Infowars noted the hackers’ main goal was to highlight the U.S. government’s use of climate engineering methods like geoengineering and cloud seeding to manipulate the climate and cause more rain to fall to fight carbon emissions.
AnonSec claimed in 2014 to have hacked an NSA drone and has hacked Indonesian, Turkish and Israeli commerce and government websites for political reasons.
Images from Shutterstock and Facebook.