AVA- The US-based firm Recorded Future came across the data last month, when the hacker, seemingly unaware of the real value of the data, had put them on sale for $150.
The potential buyers would in turn get to download maintenance documents about the MQ-9 Reaper remote-controlled drone, which the Pentagon and other US government organizations use to conduct offensive strikes or reconnaissance and surveillance operations overseas.
To make sure that the data were credible, experts with Insikt Group, part of Recorded Future, contacted the hacker and found that he or she had indeed obtained data that could hurt the US military drone program.
The hacker told the analysts that he or she had infiltrated USAF computers by exploiting an FTP vulnerability in Netgear routers, which the force had failed to fix since its discovery more than two years ago.
The attacker stole the data after gaining access to the computer of a captain stationed at a base in Nevada.
The captain was partially blamed for the breach because he had failed to change the FTP password from its default setting as required by the Pentagon’s security protocols.
Besides Reaper maintenance course books and the names of airmen serving at the Nevada drone base, the hacker was also selling other military documents that he had stolen from someone working at the Pentagon or in the US Army, Insikt said.
Apparently, the second batch of data included various training manuals [describing] improvised explosive device defeat tactics; an M1 ABRAMS tank operation manual; a crewman training and survival manual; and tank platoon tactics.
“The fact that a single hacker with moderate technical skills was able to identify several vulnerable military targets and exfiltrate highly sensitive information in a week's time is a disturbing preview of what a more determined and organized group with superior technical and financial resources could achieve,” the group warned.
Monday 16 July 2018 08:35