Sensitive information involving the MQ-9 Reaper drone and other military documents were stolen from a U.S. Air Force captain’s computer and advertised for sale on the dark web, a threat intelligence firm said Tuesday.
Export-controlled documents, course books and a list of airmen assigned to Reaper Aircraft Maintenance Unit at Creech Air Force Base in Nevada are among a cache of “highly sensitive” drone documents recently discovered being sold on a dark web hacking forum for as little as $150, Recorded Future said in a report.
“While such course books are not classified materials on their own, in unfriendly hands, they could provide an adversary the ability to assess technical capabilities and weaknesses in one of the most technologically advanced aircrafts,” said Andrei Barysevich, Recorded Future’s director of advanced collection.
The firm’s research team discovered the sale on June 1 while looking for criminal activity on the dark web, a hard-to-monitor portion of the internet not indexed by search engines, Mr. Barysevich said in a blog post. Analysts subsequently engaged the seller and ultimately confirmed details including the documents’ authenticity and the method used to obtain them, the post said.
Researchers learned that the files had been obtained by breaching the computer of an Air Force captain stationed at Creech using a previously disclosed and “widely known” vulnerability affecting Netgear routers, Mr. Barysevich said.
Analysts eventually ascertained information about an individual believed to be involved in the breach and have been assisting law enforcement, he said.
“The FBI does not confirm or deny the existence of investigations,” FBI spokeswoman Lauren Hagee told CNN.
The Air Force did not immediately return an email seeking comment.
Used by branches and agencies including the Air Force, Navy, CIA and U.S. Customs and and Border Protection, the MQ-9 Reaper represents a “significant evolution” in unmanned aerial vehicle technology and employment, retired Gen. T. Michael Moseley said prior to its introduction in 2007.
“We’ve moved from using UAVs primarily in intelligence, surveillance and reconnaissance roles before Operation Iraqi Freedom, to a true hunter-killer role with the Reaper,” he said in 2006.
The same seller offering the Reaper documents has since advertised an additional set of military files, including more than a dozen training manuals, but the source of that cache could not immediately be determined, Mr. Barysevich said.
“It is not uncommon to uncover sensitive data like personally identifiable information (PII), login credentials, financial information and medical records being offered for sale on the dark web,” he said in the blog post. “However, it is incredibly rare for criminal hackers to steal and then attempt to sell military documents on an open market.
“The military response teams will determine the exact ramifications of both breaches,” Mr. Barysevich wrote. “However, the fact that a single hacker with moderate technical skills was able to identify several vulnerable military targets and exfiltrate highly sensitive information in a week’s time is a disturbing preview of what a more determined and organized group with superior technical and financial resources could achieve.”
Please read our comment policy before commenting.