Feeds

FAA hacked by patriots

Hey, it could have been terrorists

  • alert
  • submit to reddit

Intelligent flash storage arrays

Hackers were able to penetrate a Federal Aviation Administration system earlier this week and download unpublished information on airport passenger screening activities, federal officials confirmed Thursday.

Styling themselves "The Deceptive Duo," the hackers on Wednesday publicly defaced an FAA server used by what was the administration's Civil Aviation Security organization, which until recently was responsible for supervising passenger screening at U.S. airports. There, the intruders posted a mission statement vowing to expose America's poor state of cyber security for the good of the nation.

"Tighten the security before a foreign attack forces you to," the Duo extolled. "At a time like this, we cannot risk the possibility of compromise by a foreign enemy."

At the bottom of the page, the defacers included a screen-shot showing a portion of a Microsoft Access database, with each row displaying the three-letter code for a different U.S. airport, the name of an FAA inspector, a screener I.D. number, the number of passengers the screener handled, and the number of guns, explosives or chemicals he or she intercepted.

An FAA spokesman described the file as a "screener activity" report for the year 2000, but insisted it wasn't particularly sensitive. "It was data that was used for a report that went to Congress, so it's essentially public information anyway," said spokesman Paul Takemoto.

In February, the FAA's airline security functions were taken over by the newly-created Transportation Security Administration.

Computer security weaknesses have dogged the FAA since 1998. Most recently, the agency was criticized in a September, 2000 GAO report for not performing background checks on IT contractors, failing to install intrusion detection systems, and not performing adequate risk assessments and penetration tests on agency systems.

Speaking at the RSA security conference in February, agency CIO Daniel Mehan said the FAA had made significant progress in boosting cyber security, but needed more funding from Congress to continue the effort.

The FAA said Thursday that they'd reported the Deceptive Duo's intrusion. "We've asked the FBI to prosecute if they catch the people," said Takemoto.

String of Intrusions

The agency is only one target of the Deceptive Duo's inaugural week of defacements. On Monday, the pair vandalized a U.S. Navy site and posted information lifted from a Midwest Express Airlines passenger reservation system, according to a report by InternetNews.com. The defacement mirror site alldas.org shows attacks on two NASA sites on Wednesday, and on Thursday the attackers struck a U.S. Department of Transportation site and several seemingly random corporate targets -- one of them in Israel.

Each defacement featured the hackers' patriotic "mission outline" -- in which they claim to be U.S. citizens determined to save the country from a "foreign threat" by exposing security holes -- and the group's logo: two handguns in front of an American flag.

Longtime defacement-tracker Brian Martin, a security engineer at CACI Network Security Group, suspects the Duo's message may owe as much to media-friendly theatrics as genuine fervor. "They're probably casually into it," says Martin. "But if they write it up well, they hype it up and sensationalize it, they get more attention."

But in an e-mail interview, the Deceptive Duo said their intrusions were a matter of national security.

"We are two individuals who risk our future and our lives to help the Nation in such a vulnerable time," the Duo wrote. "Somebody has to do it; if we don't, a terrorist might."

© 2002 SecurityFocus.com, all rights reserved.

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.