Update: Hackers hit Mars lander's Web site
Turkish hackers redirected visitors on Saturday; site back up now
Computerworld - The Web site for the Phoenix Mars Lander, NASA's most recent arrival on the Red Planet, was hacked over the weekend by a Turkish group, according to a project spokeswoman.
Phoenix's site, which is hosted and operated by the University of Arizona's Lunar and Planetary Laboratory (LPL), was hacked on Saturday by members of the "sql loverz crew 2008," according to spokeswoman Sara Hammond.
The home page of the Mars mission's site was breached twice in quick succession late Friday night by two members of the hacker gang, which is reportedly based in Turkey. Visitors were shunted to another site that displayed the Turkish flag and messages, including "pwned by BLaSTER - Cr@zy_king" and "nasa teach ariz0na pwn3d??" according to Zone-h.org, a group that collects evidence of site attacks, logged the attacks and recorded the redirected messages.
Security blogger Dancho Danchev first reported the Zone-h.org logging of the redirect attacks.
After another attack several hours later defaced a blog post on the site, the project took the site offline, said Hammond. "It was back up Saturday at 1:15 p.m. MDT," she added.
"This was the public site," Hammond stressed. "None of the scientific data was ever at risk."
She declined to comment on how the site had been hacked and what steps the LPL had taken to secure it from future attacks.
The Phoenix Mars Mission Web site offers news, images and other information about the lander, which safely touched down just over a week ago. The mission is being co-managed by the University of Arizona and NASA's Jet Propulsion Laboratory.
Unlike the still-functioning Mars rovers Spirit and Opportunity, Phoenix is stationary. It will use an advanced robotic arm and other instruments to analyze Martian soil, particularly for evidence of water. The arm took its first scoop of soil today.
Web site defacements and redirects are common — Zone-h.org logs hundreds on a typical day — and are often aimed at the most prominent sites. Last year, for example, hackers defaced the United Nations' site with messages accusing the U.S. and Israel of killing children. Sections of the UN site remained offline for much of a day.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Live Webcast IBM FlashSystem V840: Leveraging Software-Defined Flash to Drive Your Business With end-to-end, tightly integrated functionality and super-fast flash technology, products like IBM FlashSystem V840 Enterprise Performance Solution empower businesses to leverage the efficiency...
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...