AnonSec Attempts To Crash $222m Drone, Releases Secret Flight Videos (ibtimes.co.uk)

← Back to Stories (view on slashdot.org)

AnonSec Attempts To Crash $222m Drone, Releases Secret Flight Videos (ibtimes.co.uk)

Posted by timothy on Tuesday February 2, 2016 @01:07AM from the hey-those-are-tax-dollars! dept.

An anonymous reader writes with an excerpt from IBTimes that says it's not just governments that have proven themselves capable of hacking into drones: Hackers from the AnonSec group who spent several months hacking NASA have released a huge data dump and revealed they tried to bring down a $222m Global Hawk drone into the Pacific Ocean. The hack included employee personal details, flight logs and video footage collected from unmanned and manned aircraft. The 250GB data dump contained the names, email addresses and phone numbers of 2,414 NASA employees, 2,143 flight logs and 631 videos taken from Nasa aircraft and radar feeds, as well as a self-published paper (known as a 'zine') from the group explaining the extensive technical vulnerabilities that the hackers were able to breach. Among these: the group discovered that the flight paths uploaded into each drone could be replaced with their own.

133 comments

Min score:

Reason:

Sort:

From the QC Dept by Anonymous Coward · 2016-02-02 01:12 · Score: 0

More high quality products brought to you by the US Govt...
1. Re:From the QC Dept by smooth+wombat · 2016-02-02 02:54 · Score: 4, Insightful
  
  More high quality products developed by private industry for the US Govt...
  
  --
  We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
2. Re:From the QC Dept by radiumsoup · 2016-02-02 03:29 · Score: 3, Informative
  
  It wasn't the private-sector-built aircraft that was hacked - it was the government network that was hacked.
3. Re:From the QC Dept by oh_my_080980980 · 2016-02-02 03:39 · Score: 1, Insightful
  
  LMOL and how built the network? What products are used for the network? And who maintains the network? Moron...
4. Re:From the QC Dept by radiumsoup · 2016-02-02 03:52 · Score: 5, Insightful
  
  Who built it? Irrelevant. What products were used? Irrelevant. It was shown to be secured by simply changing the default passwords, and leaving default passwords intact was a failure of management. So what kind of network is it, anyway? Oh, yeah, it's a .gov network. Management is controlled by the .gov entity, even if contractors are used for the keypresses and network cable enplugginations. The .gov entity is responsible for regular security audits on their systems. They failed on that management aspect.
5. Re:From the QC Dept by ememisya · 2016-02-02 04:32 · Score: 1
  
  I hope that thing is insured because 200+million bucks isn't [sic] lol.
6. Re:From the QC Dept by mspohr · 2016-02-02 05:34 · Score: 3, Informative
  
  They contract all of this stuff out to the private sector (the network and the monitoring of the network).
  Northrup Grumman runs many government networks. (Not just NASA, also Defense, CDC, etc.)
  
  --
  I don't read your sig. Why are you reading mine?
7. Re:From the QC Dept by tnk1 · 2016-02-02 05:42 · Score: 1
  
  I'm still going to point out that it is irrelevant. There are plenty of government employees. If they don't have enough employees to oversee the contractors, that is a fault of the government.
  And if the government turned these functions over to contractors with no way of assuring that they were secure or manageable, that is still the government's fault.
  Yes, if the contractors screwed up, they certainly share responsibility and if there was some sort of cover-up by the contractor, that would also mitigate it.
  However, default passwords? Anyone could have audited that. The government did not. The contractor should be fired, but so should the people supposed to be doing the "oversight".
8. Re:From the QC Dept by Anonymous Coward · 2016-02-02 06:13 · Score: 1
  
  Well, then by your logic, it's the entire US's fault. They're responsible for who's running the government. It's irrelevant how much PACs or corporations or such donate, it's ultimately the people who vote. They may be easily led morons, but I've yet to see a corporation actually walk in a check the boxes on a ballot.
9. Re:From the QC Dept by mspohr · 2016-02-02 06:31 · Score: 1
  
  You could just blame it on Obama.
  
  --
  I don't read your sig. Why are you reading mine?
10. Re:From the QC Dept by Frosty+Piss · 2016-02-02 06:43 · Score: 1
  
  More high quality products developed by private industry for the US Govt...
  You are taking these script kiddies at their word that this is what they have done to systems that are as they claim. Yet this is extremely unlikely.
  Names, work email and phone numbers of government employees are not considered "personal information", and are generally available through published directories, and certainly FOIA requests (so says me, a former Records Custodian for the Air Force), and much of the other "data" is hardly "secret". As well, many are saying that all these idiots accessed were honeypots.
  Please take note that these script kiddies believe in the Chemtrail Conspiracy, which more or less immediately invalidates everything they say.
  
  --
  If you want news from today, you have to come back tomorrow.
11. Re:From the QC Dept by radiumsoup · 2016-02-02 09:28 · Score: 1
  
  additionally, there seems to be the assumption that there were contractors involved; while many government operations may and sometimes do employ contractors, not all government IT work is done by contractors, and there wasn't an indication in TFA that a contractor was to blame. I was unable to find a publicly available accounting of NASA's network, so I didn't point it out earlier, but I daresay that in my rather limited experience with government contractors, most of them are eager to do audits for government work, since it means they get paid for the audit and paid to fix anything they find as well, even if it was their fault to begin with.
hmm .. by invictusvoyd · 2016-02-02 01:13 · Score: 3, Insightful

AnonSec found that the administrator credentials for securely controlling Nasa computers and servers remotely were left at default

Hmm ..
1. Re:hmm .. by Frosty+Piss · 2016-02-02 06:34 · Score: 1
  
  AnonSec found that the administrator credentials for securely controlling Nasa computers and servers remotely were left at default
  AnonSec found that the administrator credentials for securely controlling Nasa's HONEYPOT computers and servers remotely were left at default...
  
  --
  If you want news from today, you have to come back tomorrow.
2. Re:hmm .. by invictusvoyd · 2016-02-02 06:42 · Score: 1
  
  Honeypot ? They almost managed to crash the drone.
3. Re:hmm .. by Frosty+Piss · 2016-02-02 06:50 · Score: 2
  
  Honeypot ? They almost managed to crash the drone.
  Is that a fact ? Says who? A bunch of script kiddies that bought a hack into a honeypot and went on to disclose publically available information? A bunch of script kiddies that believe in "Chemtrails"?
  Please adjust your tin-foil hat, it's not working.
  
  --
  If you want news from today, you have to come back tomorrow.
Best way to stop these criminals by Anonymous Coward · 2016-02-02 01:17 · Score: 0, Troll

I call Anonsec criminals but really they're terrorists. There's no legitimate reason for their actions. None. Let's stop calling them hackers and start calling them terrorists. That is what they are. They need to be stopped. They're a bunch of immature losers living in their parents' basements. The best solution is for law enforcement to infiltrate their groups and arrest the Anonsec terrorists and anyone in related groups. They should all be executed for their crimes. Normally I don't agree with the death penalty, but it's appropriate for these lowlife scumbags.
1. Re:Best way to stop these criminals by Dins · 2016-02-02 01:21 · Score: 5, Insightful
  
  They're not terrorists. They're criminals, yes, and idiots too, but their intent was not to cause terror. Yes they should be arrested, but let's stop labeling every extreme action "terrorism" when that's obviously not the intent.
2. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 01:28 · Score: 1
  
  I don't know, but I'd say they crossed a line trying to crash that drone; everything before that was relatively non-destructive. I don't see why they didn't do something like modify the drone's flight path to spell out "AnonSec" or something rather than trying to crash it, I think people would be more impressed.
3. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 01:37 · Score: 0
  
  You call yourself an Anonymous Coward but really you're just a dick.
4. Re:Best way to stop these criminals by phishybongwaters · 2016-02-02 01:41 · Score: 1
  
  Not terrorists, just a bunch of asshats that couldn't actually hack anything of value so instead they directed their attention at NASA. Smacks of releasing credit card details to the internet to "protect us" from big corporate greed. Or something.
5. Re:Best way to stop these criminals by bkr1_2k · 2016-02-02 01:43 · Score: 5, Informative
  
  The problem is they couldn't actually do either action. This is a bunch of hype trying to claim greater "hacking" capability than they actually have. Hell, even the article says they gained access by purchasing it from someone else.
  Having worked on those aircraft for the better part of 10 years, these guys didn't do a damn thing. The mission plans would have been noticed immediately as using the wrong waypoints and been corrected, manually or from known-good files. These guys didn't have a chance of actually crashing anything except maybe a couple of servers at NASA, which would have done nothing.
  NASA clearly needs to update some of their Network security protocols and probably fire a couple of people, but this is a non-story with respect to the drones. It's FUD trying to drive site clicks.
  
  --
  "Growing old is inevitable; growing up is optional."
6. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 01:48 · Score: 0
  
  I know someone took offense to my post and modded me down, but I'm actually trying to make a point here. I guess the moderators don't understand satire.
  If your goal is to make a point about the lack of security in US government systems, I guess that makes sense. But it is probably more beneficial to cover your tracks and anonymously notify management and the press. It's still illegal, but it's not really harmful.
  If your goal is to find out information about alleged secret government activities involving weather and climate modification, that's actually pretty interesting. While illegal, finding and leaking such information might actually be worthwhile. I'm not too bothered by such a thing.
  However, I have a big problem with doxxing employees. Sometimes this has also included private conversations employees have had and information about members of their families. It crosses a line and harms a lot of probably innocent people. It's a really extreme and unnecessary measure. Other groups operating under the Anonymous name have done things like posting alleged KKK members and the information has included children. That's obviously inaccurate and seems totally wrong to me, but they've done it. Also rying to crash that drone into the Pacific Ocean is also a really extreme measure that serves no purpose. It wastes a hell of a lot of taxpayer money for no good reason. These kinds of actions strike a nerve with me.
  Is the death penalty warranted? No, of course not. A long prison sentence is. Are they terrorists? No, I intentionally mislabeled them. But I was satirically making a point about how extreme and unjustified the actions of groups like this are.
7. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 02:02 · Score: 0
  
  No it isn't. If someone stole my intellectual property, I'd be many things, but terrified would not be one of them.
8. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 02:36 · Score: 5, Insightful
  
  What an ignorant comment. NASA is using these drones for scientific missions. Among other things, they take measurements of the ozone layer, collect data on transport of aerosols and pollutants over the Pacific (which undoubtedly impacts the weather on the west coast), and collects data on developing Atlantic hurricanes. Just because something isn't particularly secure doesn't mean you should hack it. I'd bet that the signals sent to the Voyager spacecraft and probably the Mars rovers don't use strong encryption. I'd bet if someone put their mind to it, they could spoof the signals sent to them. It would also be a dick move to interfere with valuable scientific missions just because you want to hack something. I understand the concept of hacktivism but this isn't it. That you consider NASA's atmospheric research your enemy says more than enough about you.
9. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 02:47 · Score: 2, Insightful
  
  Your being naive if you think crashing NASA's servers and getting thousands of employees personal information was nothing. That's a crime potentially in the millions of dollars, perhaps not 200 million, but still serious enough. The story is not the drone, the story is the hack. Your perspective is just on the drone because you worked on them. Keep your eye on the ball man. They hack these things just because they can and release the info to show off these glaring security holes and how far they got into the system. Crashing it would have just been better PR for them in the lulz world, but hacking it and NASA's data is still a big deal. Also, not crashing it probably plays off better in the real world where people still like NASA and would probably prefer hackers not to fly 200 million tax dollars into the ground to prove they can.
  Still, our security is far too weak, the point has been made yet again. I think that's what you supposed to be getting out of this. Just because this time they didn't crash a drone doesn't mean it's ok we let them hack in so easily. I think you also underestimate how a well timed hack could affect flight.
10. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 02:48 · Score: 1, Insightful
  
  You have anger issues, seek help.
11. Re:Best way to stop these criminals by SirSlud · 2016-02-02 02:50 · Score: 1
  
  Excute them, and their families and friends and cats and dogs.
  Same goes for spammers. Why should a spammer who causes more than a billion dollars in lost productivity NOT be called what he is? A terrorist.
  I remember a time when /. was mostly filled with mentally stable people.
  
  --
  "Old man yells at systemd"
12. Re:Best way to stop these criminals by hey! · 2016-02-02 02:52 · Score: 2, Insightful
  
  Call them idiot criminals if you want. They should still be rounded up by law enforcement and executed.
  Why execute them? Because they make you angry?
  
  --
  Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
13. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 03:13 · Score: 0
  
  Unlike you
14. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 03:16 · Score: 0
  
  > Other groups operating under the Anonymous name
  Internet highfive for mentioning a ridiculously misunderstood-yet-obvious reality about any generic banner/title.
15. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 03:19 · Score: 0
  
  I call Anonsec criminals but really they're terrorists. There's no legitimate reason for their actions. None. Let's stop calling them hackers and start calling them terrorists. That is what they are. They need to be stopped. They're a bunch of immature losers living in their parents' basements. The best solution is for law enforcement to infiltrate their groups and arrest the Anonsec terrorists and anyone in related groups. They should all be executed for their crimes. Normally I don't agree with the death penalty, but it's appropriate for these lowlife scumbags.
  So, you on the payroll, or what?
16. Re: Best way to stop these criminals by Anonymous Coward · 2016-02-02 03:30 · Score: 1
  
  I know, right? What kind of a sick maniac holds that much anger toward dogs?
17. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 03:30 · Score: 0
  
  GGP did ping my sarcasm detector fwiw (no mod points). I agree with you about doxxing employees (and children of white supremacist parents--my parents joined a white supremacist/anti-Semite group when I was in high school, haven't talked to them in over a decade, and I don't know how much damage would have been done if everyone in high school knew that). Most employees are just trying to pay their bills and put food on the table, and the situation for children of white supremacists is even more awful.
  I would like to nitpick and say that crashing a drone in general may serve a purpose. TFA wasn't entirely clear what the real purpose of the drone was, and AC below indicates it was on a scientific mission. So boo on AnonSec all around, especially with their nonsense (conveniently missing the real Illuminati) about weather control.
  What I would like to see is military drones operating in the Middle East crashed into the ground.
18. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 03:31 · Score: 0
  
  Allahu Hackbar!
19. Re:Best way to stop these criminals by kilfarsnar · 2016-02-02 03:35 · Score: 1
  
  Same goes for spammers. Why should a spammer who causes more than a billion dollars in lost productivity NOT be called what he is? A terrorist.
  Wait, now loss of productivity is terrorism? I think we are stretching that term just a wee bit.
  
  --
  "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
20. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 04:04 · Score: 0
  
  Hey, come on, don't mod Hitler to -1 Troll. Capital punishment actually has many more uses than common sense would predict.
21. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 04:16 · Score: 0
  
  I remember a time when /. was mostly filled with mentally stable people.
  You must not be new here.... ;)
22. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 04:19 · Score: 0
  
  Loss of any kind of profit or potential profit is terrorisim. I thought everyone knew what the war on terrorism was really about.
23. Re:Best way to stop these criminals by Frosty+Piss · 2016-02-02 04:32 · Score: 4, Informative
  
  Your being naive if you think crashing NASA's servers and getting thousands of employees personal information was nothing
  Names, work email and phone numbers of government employees are not considered "personal information", and are generally available through published directories, and certainly FOIA requests (so says me, a former Records Custodian for the Air Force). As well, many are saying that all these idiots accessed were honeypots.
  
  --
  If you want news from today, you have to come back tomorrow.
24. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 05:59 · Score: 0
  
  As long as the couple of people fired are the heads of the departments responsible for these unsecure protocols, then, sure, fire them. Firing the average Joe trying to do the best he can in the midst of institutional chaos and plans that change every couple of weeks would be ridiculous. I hate it when people just shout "fire someone" as a solution to problems.
  Furthermore, based on the physicists I've worked with, internal security over there must be shitty unless they have IT people in charge of the production systems (which is not likely, as the physicists are the "important people").
25. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 06:04 · Score: 0
  
  Rose colored glasses and selective positive memory... always been a dose of crazy here.
26. Re:Best way to stop these criminals by lhowaf · 2016-02-02 06:25 · Score: 1
  
  a bunch of immature losers living in their parents' basements
  Yeah, that pretty much says "terrorist" to me.
27. Re:Best way to stop these criminals by JudgeFurious · 2016-02-02 06:45 · Score: 1
  
  Well, they do make me angry but execution is kind of pointless and unnecessarily expensive. It takes ages to put one of these little assholes down even if it was legal to do so for this crime. People always want to jump to executing those who transgress but I think nobody gives long-term incarceration its due. Say one of these "scamps" was in his early 20's. 40 years without the possibility of parole would be a whole lot cheaper when you take into account all the money spent on appeals and he'd leave prison (assuming he survived it) in his 60's. His life would mostly be over at that point. With no employment history or experience, most likely outdated abilities and a criminal record he'd be pretty much unemployable beyond anything but the most meager of jobs. He'd get to live out his retirement mopping floors at night and (if he was lucky) living on some kind of welfare stipend if he lived in country that gives a crap. If he's American I don't think (but I'm not entirely certain) that people who spend their lives in prison earn any kind of Social Security benefit. The government should put forth a lot of effort to find these people, drag them to the states kicking and screaming if necessary, and then throw them in jail for the majority of the rest of their lives. Much worse than executing them if you ask me.
  
  --
  Appended to the end of comments you post. 120 chars.
28. Re:Best way to stop these criminals by JudgeFurious · 2016-02-02 06:50 · Score: 1
  
  Watch yourself there man. Questioning charges of terrorism is pretty darn close to terrorism itself. You trying to start up some kind of term-stretching-jihaad or something boy?
  
  --
  Appended to the end of comments you post. 120 chars.
29. Re:Best way to stop these criminals by hey! · 2016-02-02 06:52 · Score: 1
  
  And you're right to be angry. But being angry doesn't justify killing someone else, even if that other person is at fault for making you angry. Nor does it justify inflating the magnitude of punishment, especially to the point that the consequences of that punishment become a burden on society. That's just using the legal system as the instrument of an emotional temper tantrum.
  
  --
  Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
30. Re:Best way to stop these criminals by JudgeFurious · 2016-02-02 07:08 · Score: 1
  
  Granted and I got into a level of detail that probably wasn't necessary. I really meant to make the point that incarceration is a damned awful thing to do to someone and that they have to live with the consequences of that for the rest of their lives. Thinking of how the government has reacted in the past I could honestly see a 30-40 years without parole sentence happening in a case like this. If they'd brought something down it would be nothing to get that. Death is easy to throw out there as a "Worst thing we could possibly do to them" answer but it really isn't. There are plenty of potentially worse fates.
  
  --
  Appended to the end of comments you post. 120 chars.
31. Re:Best way to stop these criminals by Coren22 · 2016-02-02 07:40 · Score: 1
  
  http://csrc.nist.gov/publicati...
  Name and phone number together are considered PII. (Page 2-2)
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
32. Re:Best way to stop these criminals by Coren22 · 2016-02-02 07:44 · Score: 1
  
  You won't like me when I'm hungry - Bruce Banner
  https://www.youtube.com/watch?...
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
33. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-02 09:08 · Score: 0
  
  http://csrc.nist.gov/publicati...
  Name and phone number together are considered PII. (Page 2-2)
  You are reading the NIST guide wrong. 2-2 has a very important modifier "may be", which is not "is considered".
  See the example in 3-5. If the information is publically available as is the case with most government employees, it is a not PII.
34. Re:Best way to stop these criminals by crow_t_robot · 2016-02-02 09:43 · Score: 1
  
  Then the phone book must be the work of a massive terrorist conspiracy..................
35. Re:Best way to stop these criminals by Frosty+Piss · 2016-02-02 10:24 · Score: 1
  
  There is a difference between your work phone / email / address and your home phone / email / address. These script kiddies released work phone / email / address, which *IS* public information. The document you quote is talking about personal phone / email / address, and indeed also says "may", not "is".
  
  --
  If you want news from today, you have to come back tomorrow.
36. Re:Best way to stop these criminals by iceaxe · 2016-02-02 10:34 · Score: 1
  
  I remember a time when /. was mostly filled with mentally stable people.
  That's funny, I don't.
  There have always been a nice minority of saner folks, but madness has been par for the course as long as I've been around. Don't let them get to you, just gesture with your shotgun at the "off my lawn" notice.
  
  --
  WALSTIB!
37. Re:Best way to stop these criminals by tigersha · 2016-02-03 00:31 · Score: 1
  
  Well, the thing is, if this guy was a terrorist we (or rather, you, I am not in the USA) would be going after him with a drone. Which often does include blowing up his house and killing his wife, his children and his dogs. So what is different?
  
  --
  The dangers of excessive individualism are nothing compared to the oppressiveness of excessive collectivism
38. Re:Best way to stop these criminals by tigersha · 2016-02-03 00:32 · Score: 1
  
  Refer to it as "economic damage" and you will get the same result. Some of the spammers and virus writers DO cause more economic damage than Al Queda, unless you count the cost of the rather expensive War on Terror.
  
  --
  The dangers of excessive individualism are nothing compared to the oppressiveness of excessive collectivism
39. Re:Best way to stop these criminals by Anonymous Coward · 2016-02-03 13:36 · Score: 0
  
  Call them idiot criminals if you want. They should still be rounded up by law enforcement and executed.
  How about instead we send a gang of bull niggers to your house so they can rape you up the ass until you
  realize how much you like it, you pathetic fascist piece of trash ?
Main purpose... by Dins · 2016-02-02 01:18 · Score: 4, Interesting

From TFA:

According to Infowars, which was alerted to the zine's existence by AnonSec, the hackers' main purpose in hacking Nasa was to highlight the fact that the US government is using climate engineering methods such as cloud seeding and geo-engineering to manipulate the climate and cause more rain to fall in order to combat the effects of carbon emissions.
Well...? Are they?
1. Re:Main purpose... by Viol8 · 2016-02-02 01:32 · Score: 1
  
  "Well...? Are they?!"
  No. But I've heard they might be selling US Govn branded tin foil hats to "special" people.
2. Re:Main purpose... by Anonymous Coward · 2016-02-02 01:34 · Score: 0
  
  The answer to that probably depends on which side of the tin foil hat divide you fall on. I'd have thought that there's no way they could make interventions on the scale required to actually make a difference without it being public knowledge; a couple of drones isn't going to cut it.
3. Re:Main purpose... by Anonymous Coward · 2016-02-02 01:50 · Score: 3, Funny
  
  Of course they are....Look at California for the last 5-6 years. Constant rainfall. No wildfires at all
4. Re:Main purpose... by OzPeter · 2016-02-02 01:51 · Score: 4, Informative
  
  From TFA:
  
  According to Infowars, which was alerted to the zine's existence by AnonSec, the hackers' main purpose in hacking Nasa was to highlight the fact that the US government is using climate engineering methods such as cloud seeding and geo-engineering to manipulate the climate and cause more rain to fall in order to combat the effects of carbon emissions.
  Well...? Are they?
  Given that Cloud seeding has been around for 70 years why would it it be a surprise or controversial that NASA was experimenting with it?
  
  --
  I am Slashdot. Are you Slashdot as well?
5. Re:Main purpose... by Anonymous Coward · 2016-02-02 02:51 · Score: 1
  
  I wouldn't think this would be something you could hide easily, nor would you need to. That sounds like a BS reason to me. They are doing it for fun or for some other reason and that is just their idiotic cover.
  If the US could fight climate change with clouds and NASA, we'd be plastering that all over the news. Maybe NASA did some experiments and some idiotic hacker found the data and assumed it was a global conspiracy rather than NASA just playing around with science as they often do.
  Is the government secretly using those methods to mass impact climate change? No freaking way, that's idiotic, that's right up there with chemtrails. You have to be very naive or very stupid to believe that kind of stuff.
6. Re:Main purpose... by Anonymous Coward · 2016-02-02 03:06 · Score: 0
  
  [ItsATrap.jpg]
7. Re:Main purpose... by kilfarsnar · 2016-02-02 03:38 · Score: 1
  
  "Well...? Are they?!"
  No. But I've heard they might be selling US Govn branded tin foil hats to "special" people.
  How do you know? Cloud seeding has been used for decades to modify the weather. I'm not saying it is or isn't happening. But you seem very quick to dismiss such an idea when it's really not far fetched at all.
  
  --
  "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
8. Re:Main purpose... by kilfarsnar · 2016-02-02 03:41 · Score: 1
  
  From TFA:
  
  According to Infowars, which was alerted to the zine's existence by AnonSec, the hackers' main purpose in hacking Nasa was to highlight the fact that the US government is using climate engineering methods such as cloud seeding and geo-engineering to manipulate the climate and cause more rain to fall in order to combat the effects of carbon emissions.
  Well...? Are they?
  Given that Cloud seeding has been around for 70 years why would it it be a surprise or controversial that NASA was experimenting with it?
  Because it's not reported on the evening news. And everyone knows that if it's not on the evening news it didn't happen, and anyone who thinks it might have is a tinfoil hat wearing conspiracy theorist.
  
  --
  "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
9. Re:Main purpose... by Anonymous Coward · 2016-02-02 03:51 · Score: 0
  
  No, the correct response is Infowars? I wasted my time reading something from InfoWars?
  Good bye Slashdot, gonna' miss you.
  Proud AC.
10. Re:Main purpose... by Viol8 · 2016-02-02 04:06 · Score: 2
  
  Because the amount of rain needed to pull significant amounts of CO2 out of the atmosphere would cause biblical floods. And there probably isn't enough water vapour in the air to do it anyway. Anonsec shouldn't have skipped chemistry classes at school.
11. Re:Main purpose... by doggo · 2016-02-02 04:23 · Score: 1
  
  Cloud seeding has been used to attempt to modify weather for decades. It's just not that effective.
12. Re:Main purpose... by Anonymous Coward · 2016-02-02 05:27 · Score: 0
  
  According to Infowars
  And the credibility is gone.
13. Re:Main purpose... by Anonymous Coward · 2016-02-02 06:06 · Score: 0
  
  Anonsec shouldn't have skipped school.
  There, FTFY.
14. Re:Main purpose... by Coren22 · 2016-02-02 07:50 · Score: 1
  
  It seemed pretty effective in the 2008 olympics.
  http://www.independent.co.uk/s...
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
15. Re:Main purpose... by iceaxe · 2016-02-02 10:39 · Score: 1
  
  From TFA:
  
  According to Infowars...
  Mmmmhmm. Methinks we're seeding tempests in teacups, here.
  
  --
  WALSTIB!
16. Re: Main purpose... by Anonymous Coward · 2016-02-02 22:44 · Score: 0
  
  Why does this image not redirect to goatse???
Not much of a "hack" by p51d007 · 2016-02-02 01:20 · Score: 5, Insightful

How much of a hack is it, when the basic understanding of their servers, is bought from someone from either within or a former member of the I.T. team? "AnonSec explains that it purchased an "initial foothold" from a hacker with knowledge of Nasa's servers in 2013"
1. Re:Not much of a "hack" by Frosty+Piss · 2016-02-02 04:27 · Score: 1
  
  In addition, many are suggesting that all they accessed was honeypots with essentially open doors. By the way, names, work email and office phones of most government employees are not classified in any way and available through published directories, and certainly FOIA requests (so says me, a former Records Custodian for the Air Force).
  
  --
  If you want news from today, you have to come back tomorrow.
2. Re: Not much of a "hack" by MarkH · 2016-02-02 06:06 · Score: 1
  
  A good system ( not just code but process ) should have protection against credential exposure.
2414 names? Meh, try people.nasa.gov by Anonymous Coward · 2016-02-02 01:24 · Score: 2, Informative

names, email and phone numbers of all NASA employees are public, and on the web at people.nasa.gov. tens of thousands of em, free for the taking. There's also an x.500 directory.
1. Re:2414 names? Meh, try people.nasa.gov by jc42 · 2016-02-02 03:18 · Score: 3, Interesting
  
  names, email and phone numbers of all NASA employees are public, and on the web at people.nasa.gov. tens of thousands of em, free for the taking. There's also an x.500 directory.
  Perhaps, but the US "security" system doesn't consider the fact that info is openly published to be a reason not to classify the info as "secret".
  There was a fun report some time back, about the US Dept of Defense funding a couple of academic researchers to study what could be learned about US military forces solely from publicly-available published sources. They spent some months collecting publications, wrote up their report, sent it to the DoD -- and within a couple of days it had a Secret classification. ;-)
  Everyone who read the story got a good laugh, of course, but it does serve as an example of the logic behind the security classification system. It's also a useful counter-example of the old "If you've done nothing illegal, you have nothing to fear" mantra. In the US, it certainly can be illegal to be in possession of information that a government agency has published openly. It can even be illegal to know that it's illegal to have some information. (Google "FISA warrant" for some examples. ;-)
  
  --
  Those who do study history are doomed to stand helplessly by while everyone else repeats it.
2. Re:2414 names? Meh, try people.nasa.gov by Anonymous Coward · 2016-02-02 03:59 · Score: 0
  
  The collection of enough information in a single document can elevate the classification level of the document.
  If you as a public person were to collect that information through unclassified sources there is no issue with that. It only is an issue for those people who have signed agreements dealing with protecting classified information even then it is not a major issue. See Snowden and the information he released and how people with clearances needed to deal with it.
  Even with FISA warrants you are free to talk with a lawyer you are not allowed to inform or tell the person who is being investigated until time or events have changed.
3. Re:2414 names? Meh, try people.nasa.gov by Registered+Coward+v2 · 2016-02-02 04:52 · Score: 1
  
  There was a fun report some time back, about the US Dept of Defense funding a couple of academic researchers to study what could be learned about US military forces solely from publicly-available published sources. They spent some months collecting publications, wrote up their report, sent it to the DoD -- and within a couple of days it had a Secret classification. ;-)
  That's not necessarily as odd as it sounds. A bunch of open source information, compiled and interpreted, can become classified. What's interesting is what is collected and what it is used for, not that all the sources were unclassified.
  
  --
  I'm a consultant - I convert gibberish into cash-flow.
4. Re:2414 names? Meh, try people.nasa.gov by AF_Cheddar_Head · 2016-02-02 05:30 · Score: 1
  
  Umm, not illegal for a general citizen of the United States to obtain and possibly publish classified information, you might get a VISIT after the fact of publishing it asking you not to publish again and to withdraw the publication but not illegal unless you have signed a non-disclosure agreement when receiving a security clearance or you used illegal means to obtain the information. Settled pretty well during the '70s Pentagon Papers incident.
5. Re:2414 names? Meh, try people.nasa.gov by crow_t_robot · 2016-02-02 10:05 · Score: 1
  
  That's called "classification by aggregation." It's a thing. Like the letter "a" and the letter "b" are not classified by themselves but the string of characters you put together for an admin password for a system is classified. Think of it like that.
They must plan for this eventuality by rmdingler · 2016-02-02 01:24 · Score: 1

We've have planned obsolescence. Why not planned corruption of data systems?
It seems clear the ability to keep nearly anything secure wanes exponentially with the amount of effort the infiltrator is willing to expend.
TFA mentions some of the Anonsec members had reservations about crashing the $222 million UAV, so there's no way we can know for certain that didn't play a role, but ground control was able to take control back manually through satellite connection. There is likely some additional redundancy to foil takeover attempts. "Wait... not that button, idiot!"

--
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
What To Do? by JimSadler · 2016-02-02 01:28 · Score: 1

The circumstance appears to be that we can advance technology faster than we can advance technology to secure the products of progress. So how do we get security out front, instead of releasing devices and then trying to figure out how to secure them? I suggest that part of the problem rests in having that human link to the drones. If we used technology similar to what exists in the Cruise missiles it becomes a launch it and leave it alone type of device instead of needing humans to continue its mission.
1. Re: What To Do? by O('_')O_Bush · 2016-02-02 02:13 · Score: 1
  
  The problem is that any automated system needs an 'oops... nevermind, don't do that' button, so there will always be a vector of attack.
  
  --
  while(1) attack(People.Sandy);
2. Re:What To Do? by swb · 2016-02-02 04:14 · Score: 1
  
  âoeCivilization is a hopeless race to discover remedies for the evils it produces.â
  â Jean-Jacques Rousseau
  You could probably extend that by saying that security is a hopeless race because it depends on a posteriori knowledge of the system in order to discover weaknesses.
  You can ameliorate it by making security review an iterative process of design and not releasing the technology until after it has been refined, but you still don't know what new problems may emerge until after it has been refined. Your knowledge of the system's security isn't whole until after it can be tested.
end to wmd on credit & fossil fuel addictions. by Anonymous Coward · 2016-02-02 01:28 · Score: 0

what's next? deweaponization? outbreaks of peace? taking care of each other/the disadvantaged.. hand in hand we stand....
Why hate on NASA by Anonymous Coward · 2016-02-02 01:29 · Score: 0

I could understand crashing a NSA/FBI/CIA/DOD drone but NASA has never really did any wrong to warrant crashing a bit chunk of their budget.
1. Re:Why hate on NASA by Thud457 · 2016-02-02 04:12 · Score: 1
  
  Maybe because they're run by a secret cabal of Osiris worshipers.
  
  HA HA...
  heh...
  
  --
  the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
What a bunch of fools by Anonymous Coward · 2016-02-02 01:36 · Score: 0

It is no longer impressive to hack somebody. You just show what a little child you are.
Only in America... by xxxJonBoyxxx · 2016-02-02 01:50 · Score: 0, Troll

Only in America does a drone cost $222M.
1. Re:Only in America... by drooling-dog · 2016-02-02 02:22 · Score: 0, Troll
  
  Moderated "Troll", seriously?
  Anyway, it's not $222 million for the drone, it's $500K for the drone and $221,500,000 for continued patronage from the contractor.
2. Re:Only in America... by AF_Cheddar_Head · 2016-02-02 05:49 · Score: 1
  
  $220M per drone is not the fly-away cost that is the total cost of the project including R&D and ground equipment divided by the number of Global Hawk drones produced. Yes a real number of dollars spent but much of the R&D cost is applicable to follow on systems. Produce more Global Hawks and that $220M per Drone figure actually goes down. Not advocating for more Global Hawks but the fly-away cost is probably closer to $30M per drone.
  The same cost calculation inflate the cost of a B-2 because when we originally anticipated the R&D spread over 100 planes it looked reasonable but when you reduce the buy to 16 planes you raise the per plane R&D cost by a factor of 6.5.
  Oh and how many 747s have been produced to spread R&D costs over?
3. Re:Only in America... by xxxJonBoyxxx · 2016-02-02 07:01 · Score: 1
  
  >> $220M per drone is not the fly-away cost that is the total cost of the project
  So if someone downs one, we're not actually out $220M, right? (The replacement cost should be much, much less...)
AnonSec = Attempted Murderers by mandark1967 · 2016-02-02 01:51 · Score: 0

NASA uses their Globalhawk drones for Hurricane/Typhoon research which directly helps meteorologists refine hurricane tracks so people can GTFO of the way of the worst part of the storm damage via evacuations.
No Globalhawk = less accurate hurricane track, which results in more dead humans = Attempted Murder. Find 'em. Execute them. They admitted their crimes so no need for a trial

--
Sig Follows: "Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself." -- Mark Twain
1. Re:AnonSec = Attempted Murderers by Baron_Yam · 2016-02-02 01:58 · Score: 3, Interesting
  
  More or less. There is no acceptable or even pseudo-acceptable justification for this attack.
  There's no secret conspiracy uncovered, no risk to national security the government won't admit to or fix, just NASA doing what they're supposed to be doing.
  And these idiots deciding to try and fuck it up as best they can because they can. A lengthy stay in prison without access to electronics might just be what they need to smarten up. If not, at least they'll have less opportunity to cause trouble for a while.
2. Re:AnonSec = Attempted Murderers by Anonymous Coward · 2016-02-02 02:49 · Score: 0
  
  They admitted their crimes so no need for a trial
  Go crawl back under whatever totalitarian rock you crawled out from.
  To anyone who thinks my tone is too extreme this person is advocating the abolition of trial by jury in the free world. Let that sink in for a second.
3. Re:AnonSec = Attempted Murderers by hey! · 2016-02-02 02:55 · Score: 1
  
  If the standard is that people who do things that through several links of causality are guilty of murder, probably everyone is guilty of murder. Economic crimes cause excess deaths because of opportunity costs. Do any of the companies you invest in do financially dodgy stuff? How about companies invested in by your mutual funds? Loaned money by your bank?
  
  --
  Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
4. Re:AnonSec = Attempted Murderers by Anonymous Coward · 2016-02-02 03:00 · Score: 0
  
  Just make the damn drones and networks more secure. Stop hiring bad/lazy IT guys for starters. I meet so many who are well below the curve and seem to just be guys who rushed in to fill a IT 'computer guy' void. The bar on IT skills is too low and it shows across the entire world. To some degree we can expect and accept that from an immature market, but most of these big hacks were 90% perventable. Maybe hackers get in, but proper IDS/IPS is not being done on most networks period. Most IT directors don't know enough about network security and are not able to stay up to date. They overlook the need to hire a proper security specialist for their IT team and don't get enough third party audits, which are far cheaper than losing thousands of employees personal info.
  We can't stop hacking by arresting people. As long as the exploits are there people will be drawn to them. Hunting hackers can be expensive, the time and money are better spent on network and even physical security.
5. Re:AnonSec = Attempted Murderers by Anonymous Coward · 2016-02-02 03:21 · Score: 0
  
  You're like half a notch from going full fucking butterfly theory. Trying to swing chains of causality isn't even a slippery slope, it's immoral from square one.
  
  You shouldn't even be able to post since ISPs KNOWINGLY enable criminal pedoristdruglord activity, and DON'T EVEN DENY that their services were used by MURDERERS.
6. Re:AnonSec = Attempted Murderers by Anonymous Coward · 2016-02-02 03:25 · Score: 0
  
  In principle, I agree with you.
  However, the benefit(s) of said jury in America are pretty much long past. You're tried and convicted by the cops, judge, prosecutor, etc long before you ever walk into that courtroom. And the jury... well... I've sat on a couple jury trials before. You'd be surprised how many jurors couldn't care less about right and wrong, and want to base their decision on which attorney has the nicest looking tie, or the defendant's haircut. The jury is pretty much a hail mary maneuver when all else fails and you can't buy your way out of it.
7. Re:AnonSec = Attempted Murderers by dcw3 · 2016-02-02 03:38 · Score: 1
  
  They've admitted their crime. All that's needed is the sentencing.
  
  --
  Just another day in Paradise
8. Re:AnonSec = Attempted Murderers by Anonymous Coward · 2016-02-02 05:11 · Score: 0
  
  Public claims != pleas in court.
  Don't be fucking stupid.
9. Re:AnonSec = Attempted Murderers by mandark1967 · 2016-02-02 07:56 · Score: 1
  
  At least have the balls to your real account.
  
  --
  Sig Follows: "Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself." -- Mark Twain
10. Re:AnonSec = Attempted Murderers by mandark1967 · 2016-02-02 08:02 · Score: 1
  
  You're so dense you're about 3 replies away from achieving fission.
  Risk the lives of pilots to gather the same damn info that can be gathered without risk of life?
  and
  You refer to their research plane...you know...the one that was a former military plane just like the re-purposed Globalhawks
  
  --
  Sig Follows: "Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself." -- Mark Twain
11. Re:AnonSec = Attempted Murderers by mandark1967 · 2016-02-02 08:05 · Score: 1
  
  You're AC. Who gives a damn what your opinion is if you're too scared to put your name next to it.
  
  --
  Sig Follows: "Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself." -- Mark Twain
12. Re:AnonSec = Attempted Murderers by Anonymous Coward · 2016-02-02 08:44 · Score: 0
  
  Lol. You're a drama queen aren't you? Where in any of this did they talk about trying to kill anyone? It's an unmanned drone over the ocean. Now go back to your hole.
13. Re:AnonSec = Attempted Murderers by Anonymous Coward · 2016-02-02 08:54 · Score: 0
  
  Don't just mention stupid, but ignorance: public announcements aren't substitutes for due process.
Calling Bullshit by Anonymous Coward · 2016-02-02 03:10 · Score: 0

All data the "hackers" showed is available on public sites hosted by NASA, including the phone directory.
And when was the last time you saw an OS that even had a root password, yet alone a default one and let you SSH in as root by default?
Mod up by tekrat · 2016-02-02 03:10 · Score: 1

Troll is right.
Why does a drone cost as much as a Boeing 747?

--
If telephones are outlawed, then only outlaws will have telephones.
SPLITTERS! by Anonymous Coward · 2016-02-02 03:50 · Score: 1

You're not anonymous,
We're the real real anonymous.

Those "original real anonymous" guys are a bunch of posers.
It's a science mission by nycsubway · 2016-02-02 04:26 · Score: 1

Why would anonsec be interested in hacking this? It's a scientific mission, not a military one. It may use the same drone platform as the predator drone, but its still for a purely scientific purpose.

--
http://github.com/gbook/nidb
1. Re:It's a science mission by dpidcoe · 2016-02-02 05:56 · Score: 1
  
  Er, TFA said it was a global hawk? The global hawk and the predator are two completely different aircraft made by two completely different companies. That's like saying the A320 and the 737 use the same platform.
2. Re: It's a science mission by Anonymous Coward · 2016-02-02 06:35 · Score: 0
  
  The Global Hawk is huge and has a wingspan like an A320 or a 737. A Predator is much smaller.
3. Re:It's a science mission by Anonymous Coward · 2016-02-02 19:29 · Score: 0
  
  So they targeted the completely wrong drones. Oops.
222 milli-dollars by kheldan · 2016-02-02 04:51 · Score: 5, Funny

What's the big deal? The drone cost 22.2 cents? They probably have a closet full of them. Are they made of copier paper and office supplies? Dang, those guys at NASA sure are creative, making a working drone from office supplies for a little over twenty-two cents each? USA! USA! USA!

--
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
1. Re:222 milli-dollars by tnk1 · 2016-02-02 05:59 · Score: 1
  
  Technically, this is possible. Land values in the US for tax purpose are in "mils" which are 1/1000th of a dollar. Even when this was created early on, a "mil" was never more than a unit of account.
  If only the drone was actually priced in mils....
From the Reeesearch Department by Anonymous Coward · 2016-02-02 05:11 · Score: 0

More "ethical" research designed to enhance the safety and security of your products.
Left your door unlocked? FUCK YOU, I'm taking your shit to teach you a lesson.
Nasa by PinkyGigglebrain · 2016-02-02 06:25 · Score: 1

Why the fuck did they target NASA?? I mean NASA is a civilian organization with limited funding and mostly non military projects so why did they try to drop a research drone into the ocean?

If they wanted to make a point about how easy a drone was to hack why didn't they go after the DoD? Oh, that's right, the DoD actually has better security in place (not perfect I know, but better) and AnonSec probably couldn't even get a phone number to call.

I usually side with the Hackers and Hacktivists but this time I just can't.
10,000 machines in NASA are infected by malware by concertina226 · 2016-02-02 07:59 · Score: 1

There's a follow-up to the NASA hack story - 10,000 machines in NASA's internal network are broadcasting malware signatures, and over 30 databases are exposed to the public web: http://www.ibtimes.co.uk/nasa-...
1. Re:10,000 machines in NASA are infected by malware by vandamme · 2016-02-03 07:31 · Score: 1
  
  It's time they switched to Linux.
*yawn* by MakersDirector · 2016-02-02 08:28 · Score: 0

So what they're saying in plain English:
They hacked a computer by or near an Air Force personnel who they think is a drone pilot.
They acquired personal and personnel information.
And now they're leveraging Marketing techniques to try to make it seem like they did much more than they really did.
Ok. Good job on getting the personal information. But ya didn't come close to hopping the wire to the controls, let alone actually fly a drone.
TLDR: PLEASE READ TFA! by Anonymous Coward · 2016-02-02 09:18 · Score: 0

The hackers then secretly programmed the NAS devices to quietly send a copy of all the flight logs out to the hackers' server outside Nasa's network, but when they looked at the flight logs,
Who knew you can control a drone by accessing LOG servers. It's NASA, they likely encourage distribution of their logs as a public service! Log server != Ground Station, nor a remote operations center. Now if those log server are on the main WAN, more info can be acquired, and shame on NASA IT and they need to plug it to protect private info... But LIRC, most GCSs are disconnected from the internet/WAN due to the type of industrial computers they use. No different from a SCADA environment. BUT it's no different from Bank of America having logs on a open server accidentally (the transaction servers are likely secured or using some encryption/openssh/etc...).
And AnonSec is thinking, "wow, we can scp out their logs, and analyze their logs, now we can control an aircraft! FTW! Lulz!" LOL..... Geez, I can draw a flight plan on MS Paint for all that matters. Lat/Lon/Alt/Time, done....
And... the author has sensationalized this incident... typical of IBT.
almost succeeded? by Anonymous Coward · 2016-02-02 10:31 · Score: 0

so they failed.
FYI... by Anonymous Coward · 2016-02-02 23:43 · Score: 0

Gaining NASA names, email addresses, and phone numbers is nothing special. Just go to people.NASA.gov and its freely available public knowledge.
Employee data? by sentiblue · 2016-02-03 07:20 · Score: 1

I don't get it...

Why in the world would a drone carry employee data?