Navy Sys Admin Hacks Into Databases From Aircraft Carrier



This story caught my eye and I found it pretty interesting, as it reads like something out of a Tom Clancy novel crossed with a bunch of script kiddies. A Navy sys admin has been charged with conspiracy to hack, and the interesting part is that he hacked the Navy (whilst working there) and did it from a nuclear aircraft carrier!

It seems like a pretty interesting scenario. I'm more interested in the technical details, but all that's mentioned is a case of SQL injection, which isn't exactly high-tech, top-tier hacking.

It also seems like the hacks took place a fair while ago, back in 2012, but the court case and its details are only surfacing now.

A former systems administrator on a Navy nuclear aircraft carrier has been charged with conspiring to hack into government systems during a digital joy ride that spanned several months in 2012.

Nicholas Paul Knight, 27, who referred to himself as a “nuclear black hat,” was discharged from the Navy after he allegedly attempted to hack into a Naval database while at sea serving as a systems administrator in the nuclear reactor department aboard the U.S.S. Harry S. Truman.

On Monday, he and Daniel Trenton Krueger, a community college student in Illinois, were charged with one count each of conspiracy to hack in the U.S. District Court for the Northern District of Oklahoma.

They were allegedly part of a hacker gang that went by the names Team Digi7al and Team Hav0k. According to court documents, the gang also included at least three minors who have not been identified or charged in the case. Authorities say they were motivated by a combination of anti-government sentiment, boredom, and thrill-seeking.

The gang is accused of using SQL-injection hacks and other methods to gain access to various systems including ones belonging to the U.S. National Geospatial Intelligence Agency, which provides maps and other intelligence to the military, and a system belonging to the Department of Homeland Security’s Transportation Worker Identification system. The latter contains biometric and other sensitive data on workers who are issued special credentials to access secure areas of maritime facilities and vessels.

The group also allegedly hacked or attempted to hack into systems belonging to Los Alamos National Lab, a number of universities and police departments, as well as the personal web site of Rashod Holmes, a musician who sold merchandise from his site.


There's also a lot of discussion about background checks, with two camps as usual. One asks how someone who has a criminal history gets hired to work for the Navy as a sys admin. The other says that maybe his mad l33t hacking skills could be why he got the job in the first place.

Ethically it's always an interesting debate: should you hire an 'ex' hacker, or is a hacker always a hacker? Can people change, reform and become morally sound? Or does having a bit of the dark side in you make you better at your job? If you haven't done any malicious activities, can you really understand the mindset of a malicious hacker?

But despite more than two dozen hacks, the group had sporadic success. During an attempted breach of a Los Alamos Lab computer in April 2012, a systems administrator detected the hack and halted it before they could steal much data, according to a court document (.pdf).

The hack of a computer at the National Geospatial Intelligence Agency got them the schematics for more than ten databases, but they failed to download the sensitive agency data they sought from the computer, authorities say.

A May 2012 breach of an AT&T Uverse computer, however, got them mobile phone numbers of about 7,500 customers, as well as some email addresses of customers, physical addresses and cleartext passwords, the government says.

Three months later, according to authorities, they hacked into the website of Rashod Holmes and stole data on 1,000 customers, including the private bank account information of about 70 customers. They also breached the email account of the Ambassador of Peru in Bolivia and made off with the entire email contents of his account.

The group boasted about their exploits through a Twitter account — @TeamDigi7al — and even published the personal information they stole to storage sites where others could access the data, authorities say.

Knight, known online as “Inertia” and “Logic,” began hacking at age 16, according to the government, and was allegedly the self-professed leader of the gang who handled much of the publicity. Krueger, who was studying to be a network administrator and was known online as “Thor” and “Gambit,” allegedly performed most of the technical hacking.

The investigation, conducted by the Naval Criminal Investigative Service, began in June 2012, when a breach of the Navy’s Smart Web Move website and database occurred. The system, also known as Navy-SWM, is used by the Navy to manage the transfer and relocation of personnel and their family members in all branches of the military — Navy, Army, Air Force, Marines and Coast Guard. The database contained more than a decade’s worth of stored sensitive personal data on about 220,000 service members and their families, including Social Security numbers and birth dates. It also stored the answers to security questions that members used to reset their passwords for the system — such as their mother’s maiden name or the names of their children.

We'll have to see what kind of charges get put up for this. I'm guessing there's not going to be any ridiculous claims of terrorism in this case, as it's quite clearly hacking without much of a point other than 'because we can'.

You’d think someone working for the Navy would be smart enough to not hack the Navy AND get caught, but hey – who are we to judge.

Source: Wired
