14 DAY TRIAL // Hacker group AnonSec has published a data dump that contains the details of 2,414 NASA employees, along with 631 videos recorded from various NASA aircraft and weather radars, and 2,143 flight logs.
In the explainer that comes along with the data dump, AnonSec says the group hacked NASA by accident in 2013, when one of the Gozi viruses they released online infected one of the agency's servers.
Using this initial access, the group's hackers managed to brute-force the server's root account in 0.32 seconds due to an extremely simple admin password.
AnonSec roamed around NASA's servers for about two years
The group did not only maintain access to the hacked server, but as time went by, they also managed to extend their reach inside NASA's internal network, eventually breaking into three NAS (Network Attached Storage) devices.
NASA was using these devices to download and then back up flight plans from its drone missions. AnonSec members rooted these devices as well and later stole some of the data stored on the hard drives.
Later on, the hackers also took over CCTV feeds from the Glenn Research Center, Goddard Space Flight Center, and Dryden Flight Research Center.
AnonSec members also discovered recorded videos from regular NASA missions that involved Global Hawk drones and Operation Ice Bridge.
AnonSec tried to crash a Global Hawk drone
While analyzing some network traffic, the hackers found that NASA engineers were often loading a predetermined flight plan for most of their drone missions.
Employing a simple MitM (Man-in-the-Middle) attack, the hackers intercepted one of these flight plans and replaced it with one of their own, which had one of NASA's $222.7 million Global Hawk drones crashing in the middle of the Pacific Ocean.
Despite managing to upload a custom .gpx file that controlled the drone according to AnonSec's desires, one of NASA's engineers detected a change in the drone's original plan and took manual control of the drone.
Soon after this incident, NASA realized what happened, and AnonSec lost access to the NASA servers. A screenshot released by AnonSec shows that the drone takeover event took place on April 9, 2015.
WikiLeaks refused to publish the data dump
Before releasing their files via their Facebook page and InfoWars, the hackers tried to contact Wikileaks and The Guardian. After a pre-briefing and with early access to the data, InfoWars confirmed that the data dump contained accurate information on 2,414 NASA employees that included name, email, and telephone numbers.
AnonSec justified their actions saying that the US and NASA have long engaged in climate engineering tactics (cloud seeding or chemtrails) that have manipulated local and global weather.
The group is now seeding well over 275GB of data via BitTorrent links.
