Tuesday, February 02, 2016

Was NASA's Global Hawk Drone Hacked?

Hackers from the AnonSec group who spent several months hacking Nasa have released a huge data dump and revealed they tried to bring down a $222m Global Hawk Drone into the Pacific Ocean. The hack included employee personal details, flight logs and video footage collected from unmanned and manned aircraft.

The 250GB data dump contained the names, email addresses and phone numbers of 2,414 Nasa employees, 2,143 flight logs and 631 videos taken from Nasa aircraft and radar feeds, as well as a self-published paper (known as a "zine") from the group explaining the extensive technical vulnerabilities that the hackers were able to breach.

In the zine, AnonSec explains that it purchased an "initial foothold" from a hacker with knowledge of Nasa's servers in 2013 and then began experimenting to see how many computers they could break into and hijack. AnonSec found that the administrator credentials for securely controlling Nasa computers and servers remotely were left at default, so it took the hackers no time at all to get into the network and then grab more login data using a hidden packet sniffer.


Eventually, AnonSec says it managed to infiltrate the networks at the Glenn Research Center, Goddard Space Flight Center and Dryden Flight Research Center, and were able to gain full root access to three network-attached storage (NAS) devices that were compiling back-ups of aircraft flight logs.

The hackers then secretly programmed the NAS devices to quietly send a copy of all the flight logs out to the hackers' server outside Nasa's network, but when they looked at the flight logs, they realised that part of the data they were receiving consisted of pre-planned route files for Nasa's Global Hawk drones. Every time a drone mission took off, Nasa drone operators were uploading specific flight paths, so the hackers realised that they could simply replace the Global Hawk drone route file, and that would cause the drone to deviate from its set flight path and do whatever the hackers wanted it to do.

"Several members were in disagreement on this because if it worked, we would be labelled terrorists for possibly crashing a $222.7m US drone... but we continued anyways lol," AnonSec wrote in its zine, together with a screenshot showing how the hackers tried to deviate the Global Hawk's flight path to cause it to crash into the Pacific Ocean.

Fortunately for Nasa, AnonSec says that the drone operators in Ground Control noticed that the drone had deviated from its original flight path and manually accessed the drone via satellite to redirect it from a watery grave.

No comments: