Hacker Steals Military Docs Because Someone Didn't Change a Default FTP Password (bleepingcomputer.com)
New submitter secwatcher shares a report: A hacker is selling sensitive military documents on online hacking forums, a security firm has discovered. Some of the sensitive documents put up for sale include maintenance course books for servicing MQ-9 Reaper drones, and various training manuals describing comment deployment tactics for improvised explosive device (IED), an M1 ABRAMS tank operation manual, a crewman training and survival manual, and a document detailing tank platoon tactics. US-based threat intelligence firm Recorded Future discovered the documents for sale online. They say the hacker was selling the data for a price between $150 and $200, a very low asking price for such data. Recorded Future says it engaged the hacker online and discovered that he used Shodan to hunt down specific types of Netgear routers that use a known default FTP password. The hacker used this FTP password to gain access to some of these routers, some of which were located in military facilities, he said.
Netgear routers are one thing - using them as NAS servers for sensitive data is a whole other special kind of stupid.
A Netgear consumer router is being used as a firewall for networks containing military secrets? Not what I would have expected; I usually use more robust firewalls on networks I maintain. A default password was left in place for a router on a secure network... FTP configuration from outside was left enabled on the router... Against most acceptable security practices for any network. The USAF didn't do regular nmap scans and pentests of their networks from various points around the world that would have found this opening... They didn't regularly check sites like Shodan to see what shows for their networks... I do these regularly for networks I maintain...
who has netgear equipment anymore? who allows default passwords anymore? wow
Yes, but let's make this all about the "hacker" and ignore anything to do with holding any US military or politicians responsible for making the breach possible. After all, cases like that of Lauri Love show that the go-to response by the US government for these sorts of situations is "kill the messenger!" whenever government incompetence and corruption are exposed, and this behavior is not limited to Left or Right. It's natural human behavior that's amplified and given power by having a too-powerful central government.
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
The fact that FTP is being used at all is a big red flag for me. Unless it's sitting inside a fully encrypted tunnel, an FTP password is so trivial to steal even if it isn't an obvious password. There may be a few cases where one has to use FTP, but where I have been forced to use it (old hardware), it's ringfenced like nuts, and I'm not going to have an FTP server open on the Internet, unless it's some sort of publicly available archive where I don't care who downloads off of it.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Hacker Steals Military Docs Because Someone Didn't Change a Default FTP Password
Should read Hacker Steals military docs because she's a sleazeball
The lack of a proper password helped her commit the crime; it didn't compel it. She could have instead just told the authorities about the screwup.
Nullius in verba
They have a manual that describes tactics for the deployment of COMMENTS? Slashdot could really use that...
They didn't have NAS back in 1965. It was the early 1980s before any such concept was even developed. Don't be lying to us.