Hacker Who Cracked US Military Unable to Sell Secrets


An amateur South American hacker stumbled onto sensitive information about U.S. military assets. However, his lack of experience led him to quote a ridiculously low sum for the information, while also making him a target of the U.S. security establishment.

Contacting the hacker

Recorded Future’s analyst team, the Insikt Group, had embedded themselves into the dark web forums and had come into contact with a hacker who was offering sensitive U.S. military secrets for about US$150.

The information on offer included the list of airmen who were assigned to a particular Reaper drone unit, a manual that described how to maintain the MQ-9A Reaper drone, a manual about the M1 Abrams tank, and several manuals that detailed ways to suppress explosive devices.

In addition, the hacker also claimed to have hacked into the surveillance cameras of several NASA bases as well as cameras along the U.S.-Mexico border. He also claimed to have footage of a Predator remotely piloted aircraft that flew over the Gulf of Mexico.

Among the items on offer was footage of a Predator remotely piloted aircraft flying over the Gulf of Mexico. (Image: via Wikimedia)

Inexperienced hacker

According to Insikt, the inexperienced hacker had no clue as to the value of the materials in his possession, which is why he asked for the ridiculously low sum of US$150 for them. He was also willing to provide samples of the materials as proof that they were actually taken from U.S. military servers.

Andrei Barysevich, a researcher with Recorded Future, got in touch with U.S. officials and warned them about the leak. And since the hacker had not actually downloaded the data, but had only broken into the servers, the U.S. officials were able to prevent a leak by disconnecting the vulnerable servers and cutting off any chances for the hacker to access the information again. Andrei believes that the only reason the hack did not turn out to be a major breach of U.S. military secrets was due to the inexperience of the hacker.

“The fact that a single hacker with moderate technical skills was able to identify several vulnerable military targets and exfiltrate highly sensitive information in a week’s time is a disturbing preview of what a more determined and organized group with superior technical and financial resources could achieve,” he said in an interview with Vice. The U.S. security establishment is currently keeping tabs on the hacker.

Many of the users do not realize the importance of using strong passwords and securing their wireless networks, which literally leaves the device open for attack. (Image via Pixabay)

The vulnerability

So, what was the vulnerability in U.S. systems that allowed the hacker to break into the servers? The answer lies in a pretty simple flaw in the Netgear routers discovered in 2016. The vulnerability allowed hackers to access any files they wanted as long as the device’s user password was outdated. And despite several attempts by Netgear, the problem persisted.

Senior product security program manager Lisa Napier told The Daily Beast: “Netgear has previously released firmware that fixes this issue… We ensure that remote services are disabled by default, and passwords are required to be configured at device setup.”

It is estimated that almost 4,000 devices are currently vulnerable to the exact same attack launched by the hacker, and a large number of these devices are used by U.S. government employees. Unfortunately, many of the users of these devices do not realize the importance of using strong passwords and securing their wireless network. This literally leaves the device open to attack by even amateur hackers, who only need to apply a brute force method to find valuable data and exploit it.
