Sophos Cloud Optix
Hackers have breached servers belonging to the US National Weather Service by exploiting a vulnerability in the weather.gov website, releasing sensitive data from the government systems.
A post on pastebin.com by a group identifying itself as “Kosova Hacker’s Security” took credit for the hack and posted lists of files allegedly copied from the servers as proof.
The group exploited a local file inclusion vulnerability on the weather.gov servers, according to information in the Pastebin document, which said the attack was in retaliation for American aggression against Muslim nations, including cyber attacks.
The leaked information includes a listing of administrative account names, which could open the hacked servers to subsequent brute force attacks against the accounts.
According to media reports, the hacking group cited the release of the Flame and Stuxnet malware as instigation for the attack.
“They hack our nuclear plants using STUXNET and FLAME like malwares , they are bombing us 27*7, we can’t sit silent – hack to payback them,” The Hacker News (THN) reported the hackers as saying.
The local file inclusion vulnerability was patched and the weather.gov site remained up Thursday. However, at least one other vulnerability, a cross site scripting hole, was subsequently identified on the site.
Little is know about the group claiming responsibility for the attack. However, they allege that the weather.gov hack was just one of many US government hacks the group had carried out and that more releases are pending.
Attacks against government systems and banks are raising alarms in the U.S. and elsewhere.
US Secretary of Defense Leon Panetta invoked the image of a “digital Pearl Harbor” in a speech last week, warning that the country is as unprepared for a large scale cyber attack, as it was for the 9/11 terrorist attacks.
They hacked the weather service servers? OMG! Now they know whether or not it's raining in Washington!
Kinda what i thought… I mean what "sensitive data" did they find exactly?
I'm Kosovan and I really dont agree with the reason "attack was in retaliation for American aggression against Muslim nations, including cyber attacks."
Oh come on… really? /facepalm
Yeah muslim presence/worship is not very big here in kosovo unlike media would have you think. Most of us aren't muslims at all and its the muslim world investing money to build mosques and that image here. I also don't think we have the resources and talent here for such hackers. It's a very convenient scapegoat if someone were interested in diverting attention from themselves or bringing negative attention to Kosovo. We do have a couple of enemies who definitely don't like us that have the resources to pull something off like this. It seems like a very convenient way to worsen relations with the US. Which most Kosovars love and consider an ally.
As UK Met Office Chief Defence Forecaster during the NATO campaigns in Kosovo and Bosnia from 1998 to 2001, I can assure contributors that accurate weather forecasting was essential for the success of these operations. The weather in former Yugoslavia is often atrocious, with snow, ice and freezing fog in the winter, and heavy thunderstorms in the summer. They get very short springs and autumns. In coastal parts of Croatia, where NATO forces were based, the local Bora winds literally SQUIRT cold air down the valleys leading to the warmer Adriatic sea with gusts reaching 80 or 90 miles per hour.
But the incongruity of the stated grounds for hacking the US National Weather Service is striking. The purpose of these NATO campaigns was to liberate largely Muslim Kosovars and mainly Muslim Bosnians from minority Serbian Atrocities! Normal Muslims, rather the these extremists, realise that they owe NATO a debt of gratitude. (Thank You Dandy #2.)
Finally, such a cyber attack would not have affected UK Met Office Defence services because we used Sophos Anti-Virus. That is why I still use it at home after retirement.
This is definitely not coming from Kosovo. Check your sources, reporters! Simply because someone puts a name there doesn't mean it was done by the people of that country. People from Kosovo love USA for aiding them in preventing the serbian genocide during the war in 1998-1999. They can't have done this, IMO. Probably serbs putting blame on Kosovo people.
Weather Forecast computers are very powefull. If I was a hacker, and got into a Weather Forecast computer, I would not steal data, but use it’s power to bruteforce passwords…
A more plausible motive would be to obtain geolocation data of Tor users who have an application installed on their PC or laptop which regularly obtains local weather data from a NOAA server. Debian users may find it very difficult to uninstall the problem app. About two years ago some users warned of just such a scenario in some Debian forums.