Capt. from 432d AMU
If the compromised box was off base the capt. will be having an interesting chat with their boss (possibly about next assignment's mop & bucket requirements).
If it was on base the hackers had better be really good at hiding.
Sensitive US Air Force documents have leaked onto the dark web as part of an attempted sale of drone manuals. Threat intel firm Recorded Future picked up on an auction for purported export-controlled documents pertaining to the MQ-9 Reaper drone during its regular work monitoring the dark web for criminal activities last month …
I expect the source who really cares could apply obfuscation of the kind that accomplishes the much harder task of getting material everyone knows - e.g. episodes of a popular TV series - past YouTube copyright filters.
As for finding the source, they can blame whomsoever is (politically) convenient for any kind of military leak. If anyone asks for evidence, can't tell you because National Security.
Looking at the source article, these were not even For Official Use Only documents, just a mix of ITAR-regulated stuff (so, not for export) and similarly unclassified material.
This is embarrassing, and somebody might earn a mild reprimand, but not the sort of thing any sort of scandal is made from.
Documents have had a habit of leaking off site for decades now. I remember some security training years ago that emphasized that internal documents, even unclassified ones, stay on site. So the real question is not that they are on the Dark Web but how did they escape.
"Two years ago researchers warned that Netgear routers with remote data access capabilities were susceptible to attack if the default FTP authentication credentials were not updated .. Recorded Future identified more than 4,000 routers susceptible to attack."
Describing accessing a device using the default credentials as an 'attack' is stretching it.
To get the title and send an order into the Pentagon. They will deliver you a nice printed copy for a small (<$10 sometimes) sum. All you need to know is the proper report/publication number.
Spying made easy. You may even be able to order it on Amazon for some titles, I suspect.
Now where is the ISBN for that......
"insecure FTP server"
Not setting a password is like leaving the door open; anyone can walk in. FTP is an unencrypted protocol, so if you set a password, it can be sniffed; easy enough for a competent hacker.
Good thing this wasn't part of an organisation that needs to defend against elite, nation-state-funded hackers. Oh wait!