Documents that could give an enemy clues into the potential weaknesses of the Pentagon’s MQ-9 Reaper drone purportedly have been up for sale on the Internet, a cybersecurity research firm says, amid concerns about whether the U.S. military is doing enough to protect its data.
The Recorded Future firm said an unidentified hacker last month was trying to sell the documents for as little as $150 after allegedly stealing them from the computer of an Air Force captain stationed at a base in Nevada.
“I’ve been personally researching [the] dark web for 15 years, and I have never seen anything like this,” Andrei Barysevich, a senior threat researcher at the company, told the Wall Street Journal.
The revelation comes after military officials said in June that the Department of Defense inspector general was probing a separate security breach. Earlier this year, a series of cyberattacks sponsored by Chinese government hackers infiltrated the computers of a U.S. Navy contractor, allowing a large amount of highly-sensitive data on undersea warfare to reportedly be stolen.
But there was no evidence the mystery hacker was tied to a foreign country or specifically was seeking to steal military documents, the firm told the Wall Street Journal.
Instead, they said the hacker scanned swathes of the Internet to find Netgear routers that were set up improperly, and then exploited a vulnerability to swipe documents from machines. The purported documents the hacker obtained related to maintenance of the drones, which are used for overseas strikes and surveillance missions.
Recorded Future suspects the hacker could be from South America, as the person communicated in broken English and sometimes in Spanish. The firm posed as a potential buyer and swapped messages with the hacker, at times receiving screenshots of the purported stolen documents, according to the Wall Street Journal.
The hacker also reportedly was selling U.S. military documents such as a tank operation manual and information on how to reduce the capabilities of improvised explosive devices.
The company said it notified Homeland Security about the alleged hack and was informed that it was being investigated.
Fox News’ Travis Fedschun contributed to this report.