Original URL: http://www.theregister.co.uk/2011/05/18/serial_hacker_hits_nasa/
Serial hacker TinKode rifles through NASA satellite files
Greyhat adds scalp to those of Royal Navy, MySQL, ESA
Posted in Security, 18th May 2011 10:50 GMT
Watch Now : Virtual Machine Movement with Hyper-V
A serial hacker has broken into NASA systems before posting "proof" of his exploits online.
TinKode – who previously ransacked online system run by the Royal Navy, MySQL.com and the European Space Agency – posted screenshots purporting to come from an FTP server within the NASA's Earth Observation System at Goddard Space Flight Center. The supposed hack [1] by the Romanian into the Earth Observation System – a satellite-based system used for disaster relief – is sure to embarrass space centre chiefs, especially since it comes only weeks after a negative report on NASA's information security strategy.
NASA's Inspector General warned (40-page PDF/1.1MB) [2] in March that security shortcomings at the space agency left it open to defacement, denial of service or information-stealing attacks. NASA bosses promised to tighten up security policies, a process that TinKode's exploit would suggest is far from completion.
It's unclear how TinKode might have busted into the space agency's website. Interviews with the grey-hatted hacker, as well as his general modus operandi, suggest that he is motivated more by intellectual curiosity than mischief. TinKode told [3] Network World that he notified NASA's webmaster straight after carrying out his hack and there's no evidence to suggest anything malign took place. ®