A hacker penetrated an Air Force captain’s computer to steal sensitive information about US military drones, according to new research by cybersecurity investigators at Recorded Future. The documents, while not classified, include a private list of airmen working with MQ-9A Reaper drones and maintenance and course material on the weapons.
US law enforcement is investigating the breach, according to Recorded Future’s Insikt Group, which conducted the research. The firm said its researchers have a “high degree of confidence” the hacker is from South America.
The hacker who obtained documents about the Reaper drones tried to sell the documents on the “dark web,” which it is not possible to publicly search. Recorded Future confirmed the authenticity of the documents.
Insikt researchers following the deep web message boards and forums made contact with the hacker and discussed the sale. The hacker told researchers they enjoyed watching drone footage in their spare time when not looking for their next victim, according to the new report.
“While such course books are not classified materials on their own, in unfriendly hands, they could provide an adversary the ability to assess technical capabilities and weaknesses in one of the most technologically advanced aircrafts,”
The hacker told the researchers they stole additional military training manuals on explosive devices, a tank operation manual, and a document on tank platoon tactics, though they did not reveal where the materials came from. The hacker accessed the material on the captain’s computer using a vulnerability in Netgear routers.
The attack is the latest in a long line of breaches in military and other public sector domains, including a recent hack of a Navy contractor that exposed a large amount of sensitive data on submarines and undersea weaponry, which china is being pointed for the theft.