Feeds

FAA hacked by patriots

Hey, it could have been terrorists

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Hackers were able to penetrate a Federal Aviation Administration system earlier this week and download unpublished information on airport passenger screening activities, federal officials confirmed Thursday.

Styling themselves "The Deceptive Duo," the hackers on Wednesday publicly defaced an FAA server used by what was the administration's Civil Aviation Security organization, which until recently was responsible for supervising passenger screening at U.S. airports. There, the intruders posted a mission statement vowing to expose America's poor state of cyber security for the good of the nation.

"Tighten the security before a foreign attack forces you to," the Duo extolled. "At a time like this, we cannot risk the possibility of compromise by a foreign enemy."

At the bottom of the page, the defacers included a screen-shot showing a portion of a Microsoft Access database, with each row displaying the three-letter code for a different U.S. airport, the name of an FAA inspector, a screener I.D. number, the number of passengers the screener handled, and the number of guns, explosives or chemicals he or she intercepted.

An FAA spokesman described the file as a "screener activity" report for the year 2000, but insisted it wasn't particularly sensitive. "It was data that was used for a report that went to Congress, so it's essentially public information anyway," said spokesman Paul Takemoto.

In February, the FAA's airline security functions were taken over by the newly-created Transportation Security Administration.

Computer security weaknesses have dogged the FAA since 1998. Most recently, the agency was criticized in a September, 2000 GAO report for not performing background checks on IT contractors, failing to install intrusion detection systems, and not performing adequate risk assessments and penetration tests on agency systems.

Speaking at the RSA security conference in February, agency CIO Daniel Mehan said the FAA had made significant progress in boosting cyber security, but needed more funding from Congress to continue the effort.

The FAA said Thursday that they'd reported the Deceptive Duo's intrusion. "We've asked the FBI to prosecute if they catch the people," said Takemoto.

String of Intrusions

The agency is only one target of the Deceptive Duo's inaugural week of defacements. On Monday, the pair vandalized a U.S. Navy site and posted information lifted from a Midwest Express Airlines passenger reservation system, according to a report by InternetNews.com. The defacement mirror site alldas.org shows attacks on two NASA sites on Wednesday, and on Thursday the attackers struck a U.S. Department of Transportation site and several seemingly random corporate targets -- one of them in Israel.

Each defacement featured the hackers' patriotic "mission outline" -- in which they claim to be U.S. citizens determined to save the country from a "foreign threat" by exposing security holes -- and the group's logo: two handguns in front of an American flag.

Longtime defacement-tracker Brian Martin, a security engineer at CACI Network Security Group, suspects the Duo's message may owe as much to media-friendly theatrics as genuine fervor. "They're probably casually into it," says Martin. "But if they write it up well, they hype it up and sensationalize it, they get more attention."

But in an e-mail interview, the Deceptive Duo said their intrusions were a matter of national security.

"We are two individuals who risk our future and our lives to help the Nation in such a vulnerable time," the Duo wrote. "Somebody has to do it; if we don't, a terrorist might."

© 2002 SecurityFocus.com, all rights reserved.

Beginner's guide to SSL certificates

More from The Register

next story
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.