Feeds

FAA hacked by patriots

Hey, it could have been terrorists

  • alert
  • submit to reddit

3 Big data security analytics techniques

Hackers were able to penetrate a Federal Aviation Administration system earlier this week and download unpublished information on airport passenger screening activities, federal officials confirmed Thursday.

Styling themselves "The Deceptive Duo," the hackers on Wednesday publicly defaced an FAA server used by what was the administration's Civil Aviation Security organization, which until recently was responsible for supervising passenger screening at U.S. airports. There, the intruders posted a mission statement vowing to expose America's poor state of cyber security for the good of the nation.

"Tighten the security before a foreign attack forces you to," the Duo extolled. "At a time like this, we cannot risk the possibility of compromise by a foreign enemy."

At the bottom of the page, the defacers included a screen-shot showing a portion of a Microsoft Access database, with each row displaying the three-letter code for a different U.S. airport, the name of an FAA inspector, a screener I.D. number, the number of passengers the screener handled, and the number of guns, explosives or chemicals he or she intercepted.

An FAA spokesman described the file as a "screener activity" report for the year 2000, but insisted it wasn't particularly sensitive. "It was data that was used for a report that went to Congress, so it's essentially public information anyway," said spokesman Paul Takemoto.

In February, the FAA's airline security functions were taken over by the newly-created Transportation Security Administration.

Computer security weaknesses have dogged the FAA since 1998. Most recently, the agency was criticized in a September, 2000 GAO report for not performing background checks on IT contractors, failing to install intrusion detection systems, and not performing adequate risk assessments and penetration tests on agency systems.

Speaking at the RSA security conference in February, agency CIO Daniel Mehan said the FAA had made significant progress in boosting cyber security, but needed more funding from Congress to continue the effort.

The FAA said Thursday that they'd reported the Deceptive Duo's intrusion. "We've asked the FBI to prosecute if they catch the people," said Takemoto.

String of Intrusions

The agency is only one target of the Deceptive Duo's inaugural week of defacements. On Monday, the pair vandalized a U.S. Navy site and posted information lifted from a Midwest Express Airlines passenger reservation system, according to a report by InternetNews.com. The defacement mirror site alldas.org shows attacks on two NASA sites on Wednesday, and on Thursday the attackers struck a U.S. Department of Transportation site and several seemingly random corporate targets -- one of them in Israel.

Each defacement featured the hackers' patriotic "mission outline" -- in which they claim to be U.S. citizens determined to save the country from a "foreign threat" by exposing security holes -- and the group's logo: two handguns in front of an American flag.

Longtime defacement-tracker Brian Martin, a security engineer at CACI Network Security Group, suspects the Duo's message may owe as much to media-friendly theatrics as genuine fervor. "They're probably casually into it," says Martin. "But if they write it up well, they hype it up and sensationalize it, they get more attention."

But in an e-mail interview, the Deceptive Duo said their intrusions were a matter of national security.

"We are two individuals who risk our future and our lives to help the Nation in such a vulnerable time," the Duo wrote. "Somebody has to do it; if we don't, a terrorist might."

© 2002 SecurityFocus.com, all rights reserved.

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.