AnonSec tries to crash $222.7m drone, releases NASA employee data and secret flight videos
Members of the AnonSec hacking group after allegedly spending months inside NASA’s internal network have released more than 276GB of data. They also disclosed that they tried to bring down a $222.7m Global Hawk Drone into the Pacific Ocean, which included employee personal details, flight logs and video footage collected from unmanned and manned aircraft. The above data dump contained the names, email addresses and phone numbers of 2,414 NASA employees, 2,143 flight logs and 631 videos taken from NASA aircraft and radar feeds.
Anonsec released a zine, a self-published paper, containing a detailed recount of their hack, dubbed “OpNasaDrones,” reveals everything from AnonSec’s motives to the specific technical vulnerabilities that enabled the extensive breach.
In their leak, information regarding NASA’s connection to weather modification research was found in a log of a DC-8 jetliner, which was conducting a flight in accordance with their “Alternative-Fuel Effects on Contrails and Cruise EmiSSions” project.
AnonSec Admin Dêfãult Vírüsa leaked the information early last week to Mikael Thalen of Infowars, before making a public release Sunday.
In the zine, AnonSec explains that it purchased an “initial foothold” from a hacker with knowledge of NASA’s servers over two years ago and then began testing to see how many computers they could “break into” and “root” – a term referring to an account with complete control over a computer or network. AnonSec found that the administrator credentials for securely controlling NASA computers and servers remotely were left at default, so the hackers gained further access into the network that let them grab even more login data with a hidden packet sniffer (tcpdump).
Over several months, the hackers continued to map NASA’s internal network. The hackers say while some members mapped the network, others analyzed the “different missions, airbases and aircraft” listed by the agency. Drones such as “Global Hawk” and public missions like “OIB – Operation Ice Bridge” were among those mentioned.
The videos show aerial footage of large bodies of ice as well as drones taking off from a NASA runway, while flight logs show GPS coordinates, aircraft models, and sensor readings.
Ultimately, AnonSec says it managed to penetrate the networks at “Glenn Research Center, Goddard Space Flight Center and Dryden Flight Research Center” and were able to gain full root access to three network-attached storage (NAS) devices tasked with compiling backups of aircraft flight logs.
“Now we had all 3 NAS devices automatically making copies of the logs as they are uploaded from the drones and renaming them to look like semi ordinary index files,” the group writes, insulting the system administrator responsible for guarding the data.
Then to quietly send a copy of all the flight logs out to the hackers’ server outside NASA’s network, the hackers covertly programmed the NAS devices. However, after looking at the flight logs, they realised that part of the data they were getting consisted of “pre-planned route option” files for Global Hawk drone, which allow NASA to upload specific flight paths prior to take off. The hackers realised that they could simply replace the Global Hawk drone route file, and that would cause the drone to deviate from its set flight path and do whatever the hackers wanted it to do.
“Several members were in disagreement on this because if it worked, we would be labelled terrorists for possibly crashing a $222.7m US drone… but we continued anyways lol,” AnonSec wrote in its zine. A screenshot from the hackers shows their intended flight path, which they say was cut short after drone pilots on the ground likely noticed the aircraft’s unusual behavior, forcing NASA to restore manual control and redirect it from a watery grave.
“This recreated flight is from our attempt to crash the GlobalHawk [sic] into the Pacific Ocean but seemed to have been taken off of the malicious pre-planned route and was controlled via SatCom [sic] by a pilot once GroundControl [sic] realized,” the hackers write.
Soon after the alleged drone episode, NASA took efforts to inspect its network by changing passwords and patching the critical vulnerabilities, due to which AnonSec was completely shut out from NASA’s networks.
“Whether it was the high amount of traffic sending drone logs across their compromised network or the attempted crashing of a GlowbalHawk [sic] that caused them to FINALLY inspect their networks, we don’t know. But it went down for a while soon after.”
“When they came back up several days later, we had completely lost access.”
“NASA has been breached more times than most people can honestly remember… However, this hack into NASA wasn’t initially focused on drones [sic] data and upper atmosphere chemical samples. In fact the original breach into NASA systems wasn’t even planned, it was caught up in a gozi virus spread,” the hackers write, referring to an infamous Trojan that has infected more than 1 million computers to date.
“People might find this lack of security surprising but its [sic] pretty standard from our experience. Once you get past the main lines of defense, its [sic] pretty much smooth sailing propagating through a network as long as you can maintain access.”
According to Infowars, which was alerted to the zine’s existence by AnonSec, the hackers’ main purpose in hacking NASA was to specifically highlight climate engineering methods such as cloud seeding and geo-engineering.
“One of the main purposes of the Operation was to bring awareness to the reality of Chemtrails/CloudSeeding/Geoengineering /WeatherModification, whatever you want to call it, they all represent the same thing. NASA even has several missions dedicated to studying Aerosols [sic] and their effects on the environment and weather, so we targeted their systems.”
The AnonSec group earlier gained fame after claiming to have hacked an NSA drone in 2014, and is known to have hacked Indonesian, Israeli and Turkish government and commerce websites for a range of political reasons.
NASA officials have not yet commented on the information leak, nor confirmed its validity, but the released NASA employee information has been verified as real and a drone flight log has been found to corroborate with AnonSec’s story.