NASA Denies Hackers Hijacked Its Drone - InformationWeek
Government // Cybersecurity
03:16 PM
Connect Directly

NASA Denies Hackers Hijacked Its Drone

The space agency insists AnonSec didn't commandeer a NASA Global Hawk drone, but it's still looking into claims its network was hacked.

10 Signs You're Not Cut Out To Work At A Startup
10 Signs You're Not Cut Out To Work At A Startup
(Click image for larger view and slideshow.)

Hacking group AnonSec claims to have breached NASA's network and to have temporarily gained partial control of a NASA Global Hawk drone. The group says that two years ago it bought access to a NASA server from an individual identified as "Ghosts" (鬼佬) and, after months of network reconnaissance, managed to upload a .GPX file containing a pre-planned flight path -- for autopilot and connection failover -- to a NASA drone. The group speculates that its attempt to crash the drone failed because of pilot intervention.

To support its claim, AnonSec says it has posted 250GB of data exfiltrated from NASA servers.

Allard Beutel, acting director of NASA's news and multimedia division, in an email denied the group's assertions about the drone, and said the alleged breach is being investigated.

"Control of our Global Hawk aircraft was not compromised," said Beutel. "NASA has no evidence to indicate the alleged hacked data are anything other than already publicly available data. NASA takes cybersecurity very seriously and will continue to fully investigate all of these allegations."

Beutel added that NASA makes its scientific data publicly available, and that appears to be how the posted data was retrieved.

AnonSec acknowledges that at least some of the data posted is public, but the group claims it "wanted access to the raw data, straight from the backend servers, to see if they [NASA] were not publishing some of the data or possibly tampering with the data."

(Image: NASA Photo/Tom Miller)

(Image: NASA Photo/Tom Miller)

The group says one of the reasons it undertook its supposed infiltration was to bring awareness to government weather engineering research, which it considers sinister and related to efforts to promote corporate agribusiness and genetically modified organisms. The group stops short of proposing a specific conspiracy theory, noting that possible motives for geo-engineering range from "logical" to "a bit of a stretch."

NASA's claim that AnonSec posted purely public data also appears to be a bit of a stretch. For example, the hacking group posted a text dump of contract details for 2,414 NASA employees. NASA does offer an online directory but only to authorized NASA personnel. While it's plausible that AnonSec could have scraped websites for email addresses and phone numbers in order to present them as purloined data, a hack seems more likely, particularly in light of other details provided, like the use of weak passwords.

AnonSec claims to have identified several Ubuntu 3.8.0-29 systems on NASA's network that were vulnerable to a local root exploit, CVE-2014-0038. By exploiting this vulnerability, the hacking group claims it accessed a specific administrator's workstation and then was able to expand its access by exploiting the same vulnerability in other systems that had not been patched.

[Read OPM Breach Leads to New Systems, Procedures.]

AnonSec even offers some well-chosen words of advice to IT administrators. "People might find this lack of security surprising but its [sic] pretty standard from our experience," the group says in its post. "Once you get past the main lines of defence, its [sic] pretty much smooth sailing propagating through a network as long as you can maintain access. Too many corporations and governments focus 99% on preventing intruders instead of having viable solutions once there is a security breach, which is guaranteed to happen."

But it's not guaranteed to be proven.

Are you an IT Hero? Do you know someone who is? Submit your entry now for InformationWeek's IT Hero Award. Full details and a submission form can be found here.

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
2/3/2016 | 9:53:36 AM
Re: When it's necessary to read between the lines....
@Charlie Babcock - could not agree more, this days it interesting reading between the lines... but it sad reality of technology - as everything could be used for good or bad... even drones.... 
Charlie Babcock
Charlie Babcock,
User Rank: Author
2/2/2016 | 9:47:38 PM
When it's necessary to read between the lines....
Good reading between the lines to estimate what actually happened in the NASA drone incident.
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll