Activist hacker group AnonSec has released a large trove of data it says was stolen from NASA servers, and detailed the way in which it nearly crashed a $222 million (£154m) Global Hawk drone into the Pacific Ocean.
The 250GB data cache includes the names, email addresses and telephone numbers of more than 2,400 NASA employees, more than 2,100 flight logs and 631 videos drawn from NASA aircraft and radar feeds.
The data theft and drone access took place over a period of several months, beginning in 2013, according to a report AnonSec released along with the data cache detailing its activities.
The group claims it first obtained access to NASA’s systems when it purchased a user login from a third-party hacker in 2013. The group found that administrator credentials for remotely controlling computers and servers had been left at default, allowing it to install a packet sniffer which in turn gathered more login data.
“People might find this lack of security surprising but it’s pretty standard from our experience,” AnonSec said in the report. “Once you get past the main lines of defence, it’s pretty much smooth sailing propagating through a network as long as you can maintain access.”
Gaining access to storage units at the Glenn Research Centre in Ohio, the Goddard Space Flight Centre in Maryland and the Dryden Flight Research Centre (now the Neil A. Armstrong Flight Research Centre) in California, AnonSec found that they contained pre-planned flight routes for drones, and uploaded an altered route intended to crash a drone into the Pacific.
“Several members were in disagreement on this because if it worked, we would be labelled terrorists for possibly crashing a $222.7m US drone… but we continued anyways lol,” the group said in the report.
The drone followed the altered route until the deviation was noticed by NASA controllers, who manually corrected the flight path, according to AnonSec. At this point NASA became aware of the security intrusion and cut off AnonSec’s access by changing passwords and patching vulnerabilities, the group said.
AnonSec claims it initially hacked NASA’s systems in the hope of discovering information about the agency’s alleged involvement in climate engineering methods, such as cloud seeding, that the group believes are harmful to human health.
The group, which is affiliated with the Anonymous hacker collective, claimed in 2014 that it had hacked an NSA drone and has claimed responsibility for hacking government systems in Israel, Indonesia and Turkey.
NASA did not immediately respond to a request for comment.
Last year British-Finnish activist Lauri Love was charged with hacking into NASA and other US federal agencies, with US authorities requesting his deportation. Others accused of hacking NASA include Gary McKinnon, a Scottish systems administrator, whose lengthy extradition proceedings to the US were finally withdrawn in 2012.
Like AnonSec, McKinnon claimed he had accessed NASA’s systems in order to search for secret records, in his case relating to UFOs and concealed alternative energy sources.
Are you a security pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
View Comments
“Several members were in disagreement on this because if it worked, we would be labelled terrorists for possibly crashing a $222.7m US drone… but we continued anyways lol,”
With the stated intention to crash the drone, there is a terrorist element within AnonSec. Maybe those who don't want to be terrorists might roll on those who are. LOL.