Hacking group claims to have cracked NASA drone

Shutterstock image: hacker.

A hacker group said it took control of a NASA drone and stole data from its system, but the space agency is denying the claims.

On Jan. 31, the hacking group AnonSec published some 250 GB of data and a 300-page "zine" detailing its alleged months-long exploitation of NASA systems and its attempt to crash a multimillion-dollar Global Hawk drone into the Pacific Ocean.

"Several members were in disagreement on this because if it worked, we would be labeled terrorists for possibly crashing a $222.7 million U.S. drone," the hackers wrote. "But we continued anyways."

According to the hackers, it was only after they attempted to send a Global Hawk on a suicide run over the ocean that NASA caught on and booted them out.

NASA denied AnonSec's hacking claim altogether.

"Control of our global hawk aircraft was not compromised," the agency told FCW in a statement.

AnonSec also claimed to have captured hundreds of flight videos and thousands of flight logs, as well as phone numbers and email addresses for 2,414 NASA employees.

NASA did not address these details specifically, but said that this information could have been public.

"NASA has no evidence to indicate the alleged hacked data are anything other than already publicly available data," the statement said. "NASA takes cybersecurity very seriously and will continue to fully investigate all of these allegations.

Paul Martin, NASA's inspector general, has warned in the past that NASA's broad attack surface presents a juicy target for all types of hackers, from script kiddies to state-sponsored actors.

"This is still at the claims level," said James Scott, co-founder of the Institute for Critical Infrastructure Technology. "It may be difficult for security experts to corroborate or disprove the hacktivists' claims because the group claims to have deleted indicators of their presence on the network."

Scott, who helped write the book on hacking groups, said NASA ought to have tough defenses.

"It's hard to believe that NASA hasn't made use of a virtually unlimited budget to allocate funds to create the most technologically sophisticated cyber-barricade around their techno-infrastructure," Scott said, adding that conducting ongoing penetration testing, tracking user behavior analytics and changing default passwords could have helped thwart the assault, if it really occurred.

AnonSec claimed it gained access to NASA systems by purchasing a foothold from another actor. It's unclear how that actor gained the alleged foothold in the first place.

AnonSec credited a lack of monitoring and the fact that a privileged-user account still relied on default credentials for its ability to expand through NASA systems, eventually gaining access to drone logs and realizing it could upload new courses for drones.

The zine heaped derision on NASA's IT posture -- "They have many [Windows] XP and unpatched Ubuntu servers" -- but also notes that NASA isn't unique.

The conspiracy theory site Infowars first picked up coverage of the incident. The zine and files were made available on document and media dump sites such as Pastebin, though moderators had taken down at least one posting on Feb. 1.

This article was updated Feb. 2 to include a statement from NASA.

About the Author

Zach Noble is a staff writer covering digital citizen services, workforce issues and a range of civilian federal agencies.

Before joining FCW in 2015, Noble served as assistant editor at the viral news site TheBlaze, where he wrote a mix of business, political and breaking news stories and managed weekend news coverage. He has also written for online and print publications including The Washington Free Beacon, The Santa Barbara News-Press, The Federalist and Washington Technology.

Noble is a graduate of Saint Vincent College, where he studied English, economics and mathematics.

Click here for previous articles by Noble, or connect with him on Twitter: @thezachnoble.


  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.