The goods included sensitive U.S. Air Force documents on an unmanned aerial vehicle, tank platoon tactics and manuals to defeat roadside bombs.
These are among the delicate American military details that have been put up for sale on the dark web, according to a research firm. For the Department of Defense, the report raises questions about basic cyber-hygiene in the U.S. military apparatus, as the material came from hacks through known vulnerabilities.
Recorded Future, a private research firm based in Massachusetts, said in a July 11 report that it found the swath of documents while monitoring criminal activities on the dark web.
In a speech this morning, the top information officer at the Department of Defense, Dana Deasy, said that good digital security can minimize security risk. “Countless cyber-incident reports show that the overwhelming majority of cyber incidents are preventable with basic cyber hygiene and data safeguards,” he said.
The saga began June 1 when researchers came across schematics of the MQ-9 Reaper unmanned aerial vehicle. “It is incredibly rare for criminal hackers to steal and then attempt to sell military documents on the web,” Recorded Future wrote in a report.
According to a screenshot from the firm, the hackers’ price for the sensitive documents was laughably small: “about $150 or $200.”
After further investigation, Recorded Future learned that the hacker gained access to the information “through a previously disclosed FTP vulnerability in Netgear routers,” referring to a method of sharing files over the internet. The hacker “infiltrated the computer of a captain” stationed at Creech Air Force Base in Nevada, who just months earlier had completed a Cyber Awareness Challenge training program meant to guard against such attacks.
“Despite it being two years since the (Netgear) vulnerability was first acknowledged, the problem remains widespread,” the firm wrote, adding that its recent research found that more than 4,000 routers are still vulnerable to attack.
It was discovered in 2016 that Netgear customers using the file-sharing feature on some routers needed to change their default password, or they could be infiltrated by hackers.
But the hacker was not finished. They posted even more military documents for sale, including more than a dozen manuals on how to defeat roadside bombs, information on tank platoon tactics and an M1 Abrams tank manual, according to the report. It was unclear how this information was stolen, although none of it was classified.
The hacker claimed disturbing access to sensitive military intelligence, according to Recorded Future.
“On days he was not hunting for his next victim, he entertained himself by watching sensitive live footage from border surveillance cameras and airplanes.”
A spokesman for the Air Force did not immediately respond to a request for comment.
The U.S. intelligence community has invested in Recorded Future through its venture firm, In-Q-Tel.
Justin Lynch is the Associate Editor at Fifth Domain. He has written for the New Yorker, the Associated Press, Foreign Policy, the Atlantic, and others. Follow him on Twitter @just1nlynch.