July 19, 2018
It’s been over a month since OMB reported poor cybersecurity conditions among the federal agencies in the US, and it seems the government has still not made sufficient efforts to protect the systems from even the most rudimentary attacks.
Recorded Future, a real-time threat intelligence company, recently found highly sensitive documents about the U.S. military MQ-9 Reaper drone on the Dark Web, where a hacker was trying to sell the information for a trivial amount.
It is noteworthy that the MQ-9 Reaper drone is one of the most advanced and significant pieces of military technology, that has been commissioned in the past two decades. The documents that were put on sale allegedly contained sensitive information. Information that an adversary would be able to evaluate and exploit to assess the capabilities and weaknesses of the drone.
The original ad of the drone documents as shared by Recorded Future.
When the agency tried to draw more information from the user by disguising themselves as a potential buyer, the hacker claimed to have access to other sensitive data from US air force as well. Andrei Barysevich, a dark web expert at the agency and the author of the revealing report has said that he is almost “ 100 per cent certain “ that the document that was put up for sale and the hacker’s claim for the other possessions were genuine.
Some of these other materials include M1 Abrams maintenance manual, a document on IED mitigation tactics, a tank platoon training course, a crew survival course document, and sensitive live stream footage from border surveillance cameras, which the hacker boasted of using for the purpose of entertainment.
Ironically, during the conversation, the hacker had also shared the Cyber Awareness Challenge certificate of the officer whose computer was compromised. This would also lead to some serious internal investigations.
The hacker, whose technical skills the agency have determined are just mediocre, claimed that he has used relatively easy hacking procedures to gain access to all of these materials. He has simply exploited an unsecured Netgear router, which many security agencies have been claiming susceptible to easy attacks for the last two years. Netgear too has provided some simple steps to patch up that susceptibility which includes changing the default credentials.
It is, therefore, concerning how government officials in possession of sensitive information are treating cybersecurity practices making crucial information accessible through quite rudimentary attacks. Furthermore, it is just one case that the security agency actually know about and this was because of the naivety of the hacker who was trying to sell this invaluable information at a mere $150 dollars. It is hard to tell how many other attacks the ministry is under at present, when over 4,000 routers are still in susceptible position, as reported by Recorded Future.
The agency has alerted the authorities from the Defense Security Service and the Department of Homeland Security of the case, and as soon as it has done so, the hacker removed the advertisement from the portal. The last word from the DHS and DSS include acknowledgement of the report and a review of the information.
September 27, 2021
After 18 months of lockdowns and restrictions, where the closest we came to connecting with our clients was through Zoom calls and webinars, we finally...
September 23, 2021
For years, retail industries have been slowly embracing new technologies in order to engage their audience in new and diverse ways in an effort to keep...
August 26, 2021
Your customers are on the verge of completing a purchase, only to abandon it at the last minute. The average shopping cart...
July 30, 2021
Spend a few minutes completing as much as you can below. The more
details you can provide here, the better and we’ll be back in touch within 24 hours.
It’s all done and dusted
I’ve got some ideas/it’s halfway there
I’ll need you to take care of this
Pick as many as you like
I need your help
Brief description of your website/app and business
Who are your main competitors?
The more details you can provide us here the better and feel to upload any documentation that you may have.
Search Engine Optimisation
Social Media Marketing
Pay Per Click
Get closer to customers
The costs of offline marketing
Extend your brand