TinKode hacks into NASA servers, posts evidence of breach online

Filed Under: Data loss, Vulnerability

NASA Goddard centerA hacker with a history of breaking into high profile websites to expose poor security has claimed to have broken into an FTP site belonging to NASA's Goddard Space Flight Center, based in Greenbelt, Maryland.

The serial hacker, who calls himself TinKode and is believed to hail from Romania, posted images on the web as supporting evidence of the hack.

Previous targets to have fallen at the hands of TinKode include the Royal Navy website and MySQL.com which succumbed (oh, the irony!) to an SQL injection attack.

Evidence of NASA hack

TinKode is one of a new breed of hacker, courting the media and announcing his successful hacks via web postings and announcements on his Twitter account.

The good news is that the mysterious TinKode appears to be spurred on more by the desire to embarrass organisations into tightening their web security than financial motivation.

In an interview with Network World, TinKode compared his work to a free security audit:

Until now, no. I don't do bad things. I only find and make public the info. Afterwards I send an email to them to fix the holes. It's like an security audit, but for free.

Nevertheless, his actions are still against the law and he could face prosecution if brought to court. Others would be unwise to follow in TinKode's footsteps.

Of course, prevention is always better than cure - and less embarrassing too. If you haven't already done so, check out our free technical paper about "Securing websites", which discusses common ways web servers are attacked and the various ways they can be protected.

, , , ,

You might like

2 Responses to TinKode hacks into NASA servers, posts evidence of breach online

  1. Someone · 1217 days ago

    It's in Greenbelt, MD - not Greenland.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.