US military manuals hawked on dark web after files left rattling in insecure FTP server

Sensitive US Air Force documents have leaked onto the dark web as part of an attempted sale of drone manuals. Threat intel firm Recorded Future picked up on an auction for purported export-controlled documents pertaining to the MQ-9 Reaper drone during its regular work monitoring the dark web for criminal activities last month …

  1. Wellyboot Silver badge
    Black Helicopters

    Capt. from 432d AMU

    If the compromised box was off base the capt. will be having an interesting chat with their boss (possibly about next assignment's mop & bucket requirements).

    If it was on base the hackers had better be really good at hiding.

  2. Anonymous Coward
    Anonymous Coward

    Of course, that's the stuff they found ...

    and a little tip for anyone in OutThereLand ... don't even think about trying to hawk stuff like this. It's subtly marked, meaning the source will be found.

    1. Cynic_999

      Re: Of course, that's the stuff they found ...

      It's marked with the original source, sure (i.e. the legitimate owner who was hacked), but that's no impediment to the thief who is selling it anonymously, nor to the buyers who know that they shouldn't be reading such documents.

    2. Nick Kew

      Re: Of course, that's the stuff they found ...

      I expect the source who really cares could apply obfuscation of the kind that accomplishes the much harder task of getting material everyone knows - e.g. episodes of a popular TV series - past Youtube copyright filters.

      As for finding the source, they can blame whomsoever is (politically) convenient for any kind of military leak. If anyone asks for evidence, can't tell you because National Security.

  3. SirWired 1

    Not really a big deal

    Looking at the source article, these were not even For Official Use Only documents, just a mix of ITAR-regulated stuff (so, not for export) and similarly unclassified material.

    This is embarrassing, and somebody might earn a mild reprimand, but not the sort of thing any sort of scandal is made from.

  4. Steve K

    Unencrypted?

    If these documents are genuinely classified/sensitive then why weren't they encrypted too?

    1. Mystic Megabyte
      FAIL

      Re: Unencrypted?

      They were encrypted but the passwords were in a file called passwords.txt (I used to keep mine in a readme.txt file on the assumption that no-one ever reads them)

      1. adnim
        Joke

        Re: Unencrypted?

        I have my password on the login banner. They're even less likely to be read.

        1. the Jim bloke

          Re: Unencrypted?

          Safest place of all would be in a document called EULA

  5. Zwuramunga

    Well for the record....

    You can get a lot of these things around military bases and the Russians and Chinese damn well know it.

    Manuals show up at flea markets and used book stores.

    I have even seen night vision devices and electronic sites at pawn shops.

    1. a_yank_lurker

      Re: Well for the record....

      Documents have had a habit of leaking off site for decades now. I remember some security training years ago that emphasized that internal documents, even unclassified ones, stay on site. So the real question is not that they are on the Dark Web but how did they escape.

    2. Captain Badmouth
      Paris Hilton

      Re: Well for the record....

      "I have even seen night vision devices and electronic sites at pawn shops."

      Pwn shops shirley...?

      Paris, knows all about porn shops... (allegedly)

  6. Anonymous Coward
    Facepalm

    Routers default FTP password is susceptible to attack?

    "Two years ago researchers warned that Netgear routers with remote data access capabilities were susceptible to attack if the default FTP authentication credentials were not updated .. Recorded Future identified more than 4,000 routers susceptible to attack."

    Describing accessing a device using the default credentials as an 'attack' is stretching it.

    1. Giovani Tapini

      Re: Routers default FTP password is susceptible to attack?

      Yes, it's like leaving your doors open and claiming you have had a break in...

      The word attack does create the conjecture that some effort is required to be engaged which does not appear to be the case...

  7. Eddy Ito
    Stop

    Please tell me they at least changed the default password on the Reaper drones.

    1. Waseem Alkurdi
      Trollface

      Wait, what default passwords?

    2. Stoneshop
      Pirate

      the default password on the Reaper drones.

      Gr1m

      1. Anonymous Coward
        Anonymous Coward

        Re: the default password on the Reaper drones.

        DEADBEEF

      2. LucreLout

        Re: the default password on the Reaper drones.

        Gr1m

        That, or Ch!11!

  8. Anonymous Coward
    Anonymous Coward

    Good stuff...

    If you are working a Tamiya and want to design the mold for the 1:35 Predator Drone (complete with maintenance operator team)

    Don't even need to Think In Russian.

  9. Waseem Alkurdi
    Facepalm

    during its regular work monitoring the dark web for criminal activities last month.

    Seems that Recorded Future is doing a very good job. Is that why the dark web is full of drugs, weapons, fake passports, and child porn?

  10. Chris G

    At least having read the manual

    The hackers will recognise the drone that terminates their activities.

  11. Herby

    Probably just as easy...

    To get the title and send an order into the Pentagon. They will deliver you a nice printed copy for a small (<$10 sometimes) sum. All you need to know is the proper report/publication number.

    Spying made easy. You may even be able to order it on Amazon for some titles, I suspect.

    Now where is the ISBN for that......

    1. G.Y.

      ISBN Re: Probably just as easy...

      When the US military published a book on battlefield surgery in Iraq & Afghanistan, someone had the bright idea to not give the book an ISBN, so it would be hard to find.

  12. Anonymous Coward
    Anonymous Coward

    Stupidity <> security

    Anyone who can't just put the user manual online does NOT have a secure system.

    Stop blaming the world for your own idiocy.

  13. Kev99 Silver badge

    Why do so many idiots post sensitive, proprietary, confidential info on the internet? Are they that damned miserly or stupid to not use secure, dedicated lines?

  14. Allan George Dyer
    Boffin

    Oxymoron alert

    "insecure FTP server"

    Not setting a password is like leaving the door open; anyone can walk in. FTP is an unencrypted protocol, so if you set a password, it can be sniffed; easy enough for a competent hacker.

    Good thing this wasn't part of an organisation that needs to defend against elite, nation-state-funded hackers. Oh wait!

  15. SkippyBing

    The actor was even bragging about accessing footage from a MQ-1 Predator

    I'm not saying he didn't, at the same time he could just be Jay from The Inbetweeners.

  16. This post has been deleted by its author

  17. Nick Kew

    Security by obscurity

    Really a story?

    ... they could provide an adversary the ability to assess technical capabilities and weaknesses in one of the most technologically advanced aircrafts[sic]
