- A hacker has been selling sensitive information relating to the US military on the Dark Web for as little as $200.
- Some of the information was accessible because of a problem on a Netgear router which the owner didn’t configure after a warning in 2016.
- Hacker used the Shodan search engine to detect vulnerable routers worldwide.
Today, a horror story about US military secrets sold online once again proves the importance of router security measures. Recently, an intelligence company called Recorded Future, came across a hacker selling military information. The hacker easily gained access to a captain’s computer because the security measures weren’t up to date.
One of the frightening facts is for how little the hacker sells these secrets on the Dark Web. The hacker wants as little as $200 for some of the information he extracted. At that price, almost anyone can afford to buy it. This includes schematics of MQ-9 Reaper drones and pictures of those devices in action. Additionally, there is information that relates to training courses, explosive devices, and border surveillance footage. Of course, this gives insight into the workings of the military which can be valuable to the US’s enemies.
Secondly, it’s disturbing how easy it was to gain access to the information. Recorded Future made contact and communicated with the hacker to find out how it was done. Apparently, Netgear discovered a vulnerability in one of its routers back in 2016 and warned users to update default passwords. Unfortunately, not everyone did. The Shodan search engine helped the hacker identify unconfigured routers. With the list of potential victims, the hacker started accessing networks and computers. Apparently, the captain’s computer was one of the accessed devices.
Therefore, this is a story of accidental discovery. Now, imagine what’s possible in a focused cyber attack on the military with extensive funding, knowledge, and equipment. If an institution doesn’t secure its routers optimally, many other security measures become obsolete.
So far the military itself didn’t respond to questions from the media yet. What are your thoughts? Let us know in the comments below. Also, to get instant tech updates, follow TechNadu’s Facebook page, and Twitter handle.