You never quite know what you’ll find on the dark web. In June, a threat intelligence team known as Insikt Group at security research firm Recorded Future discovered the sale of sensitive U.S. military information in the course of monitoring criminal activity on dark web marketplaces.
Insikt explains that an English-speaking hacker purported to have documentation on the MQ-9 Reaper unmanned aerial vehicle. Remarkably, the hacker appears to have been selling the goods for “$150 or $200.”
According to Insikt Group, the documents were not classified but contained sensitive materials, including “the M1 Abrams maintenance manual, a tank platoon training course, a crew survival course, and documentation on improvised explosive device (IED) mitigation tactics.” Insikt notes that the other set of documents appears to have been stolen from a U.S. Army official or from the Pentagon, but the source was not confirmed.
The hacker appeared to have joined the forum explicitly for the sale of these documents and acknowledged one other incident of military documents obtained from an unaware officer. In the course of its investigation, Insikt Group determined that the hacker obtained the documents by accessing a Netgear router with misconfigured FTP login credentials. When the team corresponded with the hacker to confirm the source of the hacked drone documents, the attacker disclosed that he also had access to footage from an MQ-1 Predator drone.
Here’s how he did it:
Using Shodan’s popular search engine, the actors scanned large segments of the internet for high-profile misconfigured routers that use a standard port 21 to hijack all valuable documents from compromised machines.
Using the above-mentioned method, the hacker first infiltrated the computer of a captain at 432d Aircraft Maintenance Squadron Reaper AMU OIC, stationed at the Creech AFB in Nevada, and stole a cache of sensitive documents, including Reaper maintenance course books and the list of airmen assigned to Reaper AMU. While such course books are not classified materials on their own, in unfriendly hands, they could provide an adversary the ability to assess technical capabilities and weaknesses in one of the most technologically advanced aircraft.
Insikt Group notes that it’s “incredibly rare” for hackers to sell military secrets on open marketplaces. “The fact that a single hacker with moderate technical skills was able to identify several vulnerable military targets and exfiltrate highly sensitive information in a week’s time is a disturbing preview of what a more determined and organized group with superior technical and financial resources could achieve,” the group warns.