European Space Agency Confirms FTP Server Hack

A hacker has breached the FTP servers at the European Space Agency (ESA) and posted usernames and passwords online.

Romanian hacker TinKode, who attacked the Royal Navy website last year, claimed on his blog that he had penetrated the European Space Agency (ESA), and published online an estimated 200 usernames passwords. The ESA confirmed the hack to eWEEK Europe UK.

ESA Confirmation

Speaking to eWEEK Europe UK, a spokesman for the ESA confirmed the hack took place, but said that it had not compromised the main website of the ESA, but rather a number of its FTP servers used to communicate with business and scientific partners.

“The main website was not compromised,” explained the ESA spokesman. “We have some B2B FTP servers that are used to exchange information and data with outside experts and institutions, and some of these FTP servers were hacked into.”

“A list of valid user names and passwords were published,” said the spokesman, who said that according to the IT department of ESA, Tinkode used a form of a SQL injection attack to gain access to the FTP servers.

“All these FTP servers have now been disconnected and taken offline, and all of their credentials updated and reset,” said the ESA. “We have also alerted all users to the attack and told them to change their passwords and to report any usual activity on their accounts.”

“I would like to stress that this attack did not affect our main website, but some of our FTP servers, that are used to exchange mission and space-related data with scientific experts. We co-operate with a lot of institutions around Europe on this this.”

Other Attacks

Last November TinKode broke into the main website of the Royal Navy (www.royalnavy.mod.uk) and revealed people’s usernames and administrator passwords, an action which forced the Navy to suspend its website for many days.

In January, Imperva revealed that several major military and government websites had been hacked and were up for sale on underground forums for just over £300.

And Symantec recently warned that 2010 was the year when targeted attacks got serious, and that targeted cyber attacks are the rise.

Last month for example the European Government was forced to shut off remote access to email during a five-day long cyber-attack on the EU Parliament’s network.

In November, the Armed Forces minister Nick Harvey called for the UK to have the ability to strike back at those conducting cyberwarfare campaigns, and he outlined the UK’s plans to defend themselves against online threats.

The issue of hacking has been very much in the spotlight of late, with attacks ranging from Epsilon, Play.com, and TripAdvisor, dominating headlines.

Meanwhile, today, the Ministry of Defence has shown that security breaches do not need an outside hacker, as it accidentally published secret information on the safety of nuclear submarines, by an elementary error in redacting information on a document.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

8 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

11 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

12 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

13 hours ago