Slashdot Mirror

← Back to Stories (view on slashdot.org)

AnonSec Attempts To Crash $222m Drone, Releases Secret Flight Videos (ibtimes.co.uk)

Posted by timothy on from the hey-those-are-tax-dollars! dept.

An anonymous reader writes with an excerpt from IBTimes that says it's not just governments that have proven themselves capable of hacking into drones: Hackers from the AnonSec group who spent several months hacking NASA have released a huge data dump and revealed they tried to bring down a $222m Global Hawk drone into the Pacific Ocean. The hack included employee personal details, flight logs and video footage collected from unmanned and manned aircraft. The 250GB data dump contained the names, email addresses and phone numbers of 2,414 NASA employees, 2,143 flight logs and 631 videos taken from Nasa aircraft and radar feeds, as well as a self-published paper (known as a 'zine') from the group explaining the extensive technical vulnerabilities that the hackers were able to breach. Among these: the group discovered that the flight paths uploaded into each drone could be replaced with their own.

10 of 133 comments (clear)

  1. hmm .. by invictusvoyd · · Score: 3, Insightful

    AnonSec found that the administrator credentials for securely controlling Nasa computers and servers remotely were left at default

    Hmm ..

  2. Not much of a "hack" by p51d007 · · Score: 5, Insightful

    How much of a hack is it, when the basic understanding of their servers, is bought from someone from either within or a former member of the I.T. team? "AnonSec explains that it purchased an "initial foothold" from a hacker with knowledge of Nasa's servers in 2013"

  3. Re:Best way to stop these criminals by Dins · · Score: 5, Insightful

    They're not terrorists. They're criminals, yes, and idiots too, but their intent was not to cause terror. Yes they should be arrested, but let's stop labeling every extreme action "terrorism" when that's obviously not the intent.

  4. Re:Best way to stop these criminals by Anonymous Coward · · Score: 5, Insightful

    What an ignorant comment. NASA is using these drones for scientific missions. Among other things, they take measurements of the ozone layer, collect data on transport of aerosols and pollutants over the Pacific (which undoubtedly impacts the weather on the west coast), and collects data on developing Atlantic hurricanes. Just because something isn't particularly secure doesn't mean you should hack it. I'd bet that the signals sent to the Voyager spacecraft and probably the Mars rovers don't use strong encryption. I'd bet if someone put their mind to it, they could spoof the signals sent to them. It would also be a dick move to interfere with valuable scientific missions just because you want to hack something. I understand the concept of hacktivism but this isn't it. That you consider NASA's atmospheric research your enemy says more than enough about you.

  5. Re:Best way to stop these criminals by Anonymous Coward · · Score: 2, Insightful

    Your being naive if you think crashing NASA's servers and getting thousands of employees personal information was nothing. That's a crime potentially in the millions of dollars, perhaps not 200 million, but still serious enough. The story is not the drone, the story is the hack. Your perspective is just on the drone because you worked on them. Keep your eye on the ball man. They hack these things just because they can and release the info to show off these glaring security holes and how far they got into the system. Crashing it would have just been better PR for them in the lulz world, but hacking it and NASA's data is still a big deal. Also, not crashing it probably plays off better in the real world where people still like NASA and would probably prefer hackers not to fly 200 million tax dollars into the ground to prove they can.

    Still, our security is far too weak, the point has been made yet again. I think that's what you supposed to be getting out of this. Just because this time they didn't crash a drone doesn't mean it's ok we let them hack in so easily. I think you also underestimate how a well timed hack could affect flight.

  6. Re:Best way to stop these criminals by Anonymous Coward · · Score: 1, Insightful

    You have anger issues, seek help.

  7. Re:Best way to stop these criminals by hey! · · Score: 2, Insightful

    Call them idiot criminals if you want. They should still be rounded up by law enforcement and executed.

    Why execute them? Because they make you angry?

    --
    Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  8. Re:From the QC Dept by smooth+wombat · · Score: 4, Insightful

    More high quality products developed by private industry for the US Govt...

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
  9. Re:From the QC Dept by oh_my_080980980 · · Score: 1, Insightful

    LMOL and how built the network? What products are used for the network? And who maintains the network? Moron...

  10. Re:From the QC Dept by radiumsoup · · Score: 5, Insightful

    Who built it? Irrelevant. What products were used? Irrelevant. It was shown to be secured by simply changing the default passwords, and leaving default passwords intact was a failure of management. So what kind of network is it, anyway? Oh, yeah, it's a .gov network. Management is controlled by the .gov entity, even if contractors are used for the keypresses and network cable enplugginations. The .gov entity is responsible for regular security audits on their systems. They failed on that management aspect.