The AnonSec group previously gained fame after claiming to have hacked an NSA drone in 2014, and is known to have hacked Israeli, Indonesian and Turkish government and commerce websites for a variety of political reasons.
Hackers from the AnonSec group who spent several months hacking Nasa have released a huge data dump and revealed they tried to bring down a $222m Global Hawk drone into the Pacific Ocean. The dump included employee personal details, flight logs and video footage collected from unmanned and manned aircraft.
The 250GB data dump contained the names, email addresses and phone numbers of 2,414 Nasa employees, 2,143 flight logs and 631 videos taken from Nasa aircraft and radar feeds, as well as a self-published paper (known as a “zine”) from the group explaining the extensive technical vulnerabilities that the hackers were able to exploit.
In the zine, AnonSec explains that it purchased an “initial foothold” from a hacker with knowledge of Nasa’s servers in 2013 and then began experimenting to see how many computers they could break into and hijack. AnonSec found that the administrator credentials for securely controlling Nasa computers and servers remotely were left at default, so it took the hackers no time at all to get into the network and then grab more login data using a hidden packet sniffer.
Over several months, the hackers continued to map Nasa’s internal network, discovering details of a wide range of public and private missions, airbases and aircraft, including information and video footage relating to the Global Hawk drones and the Operation Ice Bridge polar ice research mission in 2012 and 2013.
The videos show drones taking off from a Nasa runway, as well as aerial footage of large bodies of ice, while flight logs show aircraft models, GPS coordinates and sensor readings.
Almost succeeded in crashing a Nasa drone into the sea
[Image: map showing the altered flight path for the Global Hawk drone set by AnonSec, which was meant to cause the drone to crash into the ocean. Credit: AnonSec]
Eventually, AnonSec says it managed to infiltrate the networks at the Glenn Research Center, Goddard Space Flight Center and Dryden Flight Research Center, and was able to gain full root access to three network-attached storage (NAS) devices that were compiling back-ups of aircraft flight logs.
The hackers then secretly programmed the NAS devices to quietly send a copy of all the flight logs out to the hackers’ server outside Nasa’s network, but when they looked at the flight logs, they realised that part of the data they were receiving consisted of pre-planned route files for Nasa’s Global Hawk drones. Every time a drone mission took off, Nasa drone operators were uploading specific flight paths, so the hackers realised that they could simply replace the Global Hawk drone route file, and that would cause the drone to deviate from its set flight path and do whatever the hackers wanted it to do.
“Several members were in disagreement on this because if it worked, we would be labelled terrorists for possibly crashing a $222.7m US drone… but we continued anyways lol,” AnonSec wrote in its zine, together with a screenshot showing how the hackers tried to alter the Global Hawk’s flight path to cause it to crash into the Pacific Ocean.
Fortunately for Nasa, AnonSec says that the drone operators in Ground Control noticed that the drone had deviated from its original flight path and manually accessed the drone via satellite to redirect it from a watery grave.
Nasa really needs to improve its cybersecurity practices
Only after this incident did Nasa finally realise it was being hacked and take efforts to inspect its network, shutting the hackers out for good by changing passwords and patching the critical vulnerabilities.
“Nasa has been breached more times than most people can honestly remember… However, this hack into Nasa wasn’t initially focused on drones [sic] data and upper atmosphere chemical samples. In fact the original breach into Nasa systems wasn’t even planned, it was caught up in a gozi virus spread,” AnonSec wrote.
“People might find this lack of security surprising but its [sic] pretty standard from our experience. Once you get past the main lines of defense, its [sic] pretty much smooth sailing propagating through a network as long as you can maintain access.”
According to Infowars, which was alerted to the zine’s existence by AnonSec, the hackers’ main purpose in hacking Nasa was to highlight the fact that the US government is using climate engineering methods such as cloud seeding and geo-engineering to manipulate the climate and cause more rain to fall in order to combat the effects of carbon emissions.