Feeds

They've only gone and HACKED the WEATHER

Hackers punch into NOAA, in 'vengeance for Stuxnet'

Internet Security Threat Report 2014

Hackers have lifted potentially sensitive data from the US National Weather Service after exploiting a vulnerability in the weather.gov website.

A previously-unknown group called Kosova Hacker's Security claimed credit for the hack in a lengthy post on pastebin, containing a stream of data lifted as a result of the hack. Leaked data includes a list of partial login credentials, something that might give other hacking crews a head start in attacking the website, as well as numerous system and network configuration files.

The leaked information appears to consist only of system files and the like rather than scientific data, something that strongly distinguishes the breach from the so-called ClimateGate hack against the Climatic Research Unit (CRU) at the University of East Anglia back in November 2009.

The hacking crew said it took advantage of "local file inclusion vulnerability" that allowed it to ransack the weather.gov servers. Kosova Hacker's Security said the hack was carried out in retaliation for American aggression against Muslim nations, including the Flame and Stuxnet malware attacks against the Iran nuclear program.

"They hack our nuclear plants using STUXNET and FLAME like malwares, they are bombing us 27*7, we can't sit silent - hack to payback them," The Hacker News quotes the hackers as saying.

KHS' supposed grievance makes weather.gov a bit of of an odd target. However the group threatened to carry out further attacks against US government systems.

The weather.gov website was back up and running at the time of writing on Friday afternoon.

A post on Sophos's Naked Security blog reports that the local file inclusion vulnerability was quickly patched but at least one other vulnerability, a cross site scripting hole, was subsequently discovered on the site. It's unclear if the XSS vulnerability, which is the sort of thing that's most useful for those interested in running phishing attacks rather than punching through web servers to hack into back-end databases, has been fixed as yet.

Weather.gov is run by the US National Weather Service, part of the National Oceanic and Atmospheric Administration (NOAA). NOAA is a unit of the US Department of Commerce in charge of providing "weather, water, and climate data, forecasts and warnings for the protection of life and property and enhancement of the national economy". It's also well known as custodian as one of the three main databases used to measure global warming: the other two belong to NASA and the British Met Office's Hadley Centre. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.