July 19, 2018
It’s been over a month since OMB reported poor cybersecurity conditions among the federal agencies in the US, and it seems the government has still not made sufficient efforts to protect the systems from even the most rudimentary attacks.
Recorded Future, a real-time threat intelligence company, recently found highly sensitive documents about the U.S. military MQ-9 Reaper drone on the Dark Web, where a hacker was trying to sell the information for a trivial amount.
It is noteworthy that the MQ-9 Reaper drone is one of the most advanced and significant pieces of military technology, that has been commissioned in the past two decades. The documents that were put on sale allegedly contained sensitive information. Information that an adversary would be able to evaluate and exploit to assess the capabilities and weaknesses of the drone.
The original ad of the drone documents as shared by Recorded Future.
When the agency tried to draw more information from the user by disguising themselves as a potential buyer, the hacker claimed to have access to other sensitive data from US air force as well. Andrei Barysevich, a dark web expert at the agency and the author of the revealing report has said that he is almost “ 100 per cent certain “ that the document that was put up for sale and the hacker’s claim for the other possessions were genuine.
Some of these other materials include M1 Abrams maintenance manual, a document on IED mitigation tactics, a tank platoon training course, a crew survival course document, and sensitive live stream footage from border surveillance cameras, which the hacker boasted of using for the purpose of entertainment.
Ironically, during the conversation, the hacker had also shared the Cyber Awareness Challenge certificate of the officer whose computer was compromised. This would also lead to some serious internal investigations.
The hacker, whose technical skills the agency have determined are just mediocre, claimed that he has used relatively easy hacking procedures to gain access to all of these materials. He has simply exploited an unsecured Netgear router, which many security agencies have been claiming susceptible to easy attacks for the last two years. Netgear too has provided some simple steps to patch up that susceptibility which includes changing the default credentials.
It is, therefore, concerning how government officials in possession of sensitive information are treating cybersecurity practices making crucial information accessible through quite rudimentary attacks. Furthermore, it is just one case that the security agency actually know about and this was because of the naivety of the hacker who was trying to sell this invaluable information at a mere $150 dollars. It is hard to tell how many other attacks the ministry is under at present, when over 4,000 routers are still in susceptible position, as reported by Recorded Future.
The agency has alerted the authorities from the Defense Security Service and the Department of Homeland Security of the case, and as soon as it has done so, the hacker removed the advertisement from the portal. The last word from the DHS and DSS include acknowledgement of the report and a review of the information.
Resources:
https://www.recordedfuture.com/reaper-drone-documents-leaked/
http://www.wired.co.uk/article/router-hacking-drone-reaper-military-secrets