$150 will buy you military drone documents
Last week, the Wall Street Journal reported on a hacker trying to sell sensitive U.S. Air Force documents about the MQ-9 Reaper unmanned aerial vehicle (UAV).
Leading threat intelligence company Recorded Future found the hacker through its security analysts, who actively monitor criminal activity on deep and dark web forums and marketplaces. The company engaged the hacker and discovered other leaked military information available from the same threat actor, including an M1 Abrams maintenance manual, a tank platoon training course, a crew survival course, and documentation on improvised explosive device (IED) mitigation tactics.
Recorded Future analysts further learned that the attacker used a widely known tactic of gaining access to vulnerable Netgear routers with improperly set up FTP login credentials. Read more here — it’s impressive work by Recorded Future.
The story is a great example of the importance of keeping up to date on vulnerabilities applicable to your enterprise technology stack. The hacker in this case used a two-year-old Netgear router vulnerability to access a military computer.
It illustrates why federal and military agencies need to focus on improving their cyber hygiene, continuously scanning their networks, computers, and devices for known vulnerabilities. Insight-backed Tenable is the category leader in assessing and understanding cyber exposure, and the military needs to be proactively scanning for known vulnerabilities.
The incident also highlights the importance of securing passwords for privileged users and machines. While the local military IT team should have at least changed the router’s default FTP credentials (Netgear has a support page with information on how users can change their routers’ default FTP password), the best practice is to implement what is called privileged access management, to vault and rotate passwords. Insight-backed Thycotic is a market leader in this space, with an easy-to-implement solution.
Insight is a proud investor in Recorded Future, Tenable, and Thycotic, and I’m proud to work with the CEOs and teams at these companies. Congrats to Recorded Future for uncovering this, and check out this new integration between Tenable and Thycotic.