Update: Hackers hit Mars lander's Web site
Turkish hackers redirected visitors on Saturday; site back up now
Computerworld - The Web site for the Phoenix Mars Lander, NASA's most recent arrival on the Red Planet, was hacked over the weekend by a Turkish group, according to a project spokeswoman.
Phoenix's site, which is hosted and operated by the University of Arizona's Lunar and Planetary Laboratory (LPL), was hacked on Saturday by members of the "sql loverz crew 2008," according to spokeswoman Sara Hammond.
The home page of the Mars mission's site was breached twice in quick succession late Friday night by two members of the hacker gang, which is reportedly based in Turkey. Visitors were shunted to another site that displayed the Turkish flag and messages, including "pwned by BLaSTER - Cr@zy_king" and "nasa teach ariz0na pwn3d??" according to Zone-h.org, a group that collects evidence of site attacks, logged the attacks and recorded the redirected messages.
Security blogger Dancho Danchev first reported the Zone-h.org logging of the redirect attacks.
After another attack several hours later defaced a blog post on the site, the project took the site offline, said Hammond. "It was back up Saturday at 1:15 p.m. MDT," she added.
"This was the public site," Hammond stressed. "None of the scientific data was ever at risk."
She declined to comment on how the site had been hacked and what steps the LPL had taken to secure it from future attacks.
The Phoenix Mars Mission Web site offers news, images and other information about the lander, which safely touched down just over a week ago. The mission is being co-managed by the University of Arizona and NASA's Jet Propulsion Laboratory.
Unlike the still-functioning Mars rovers Spirit and Opportunity, Phoenix is stationary. It will use an advanced robotic arm and other instruments to analyze Martian soil, particularly for evidence of water. The arm took its first scoop of soil today.
Web site defacements and redirects are common — Zone-h.org logs hundreds on a typical day — and are often aimed at the most prominent sites. Last year, for example, hackers defaced the United Nations' site with messages accusing the U.S. and Israel of killing children. Sections of the UN site remained offline for much of a day.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- Live Webcast How to serve up a Grand Slam with a scalable IT Infrastructure for cloud, big data and advanced analytics Register today to attend this webcast, and see examples of how The U.S. Tennis Association, Wimbledon and U.S. Golf Association are using the...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Live Webcast IBM FlashSystem V840: Leveraging Software-Defined Flash to Drive Your Business With end-to-end, tightly integrated functionality and super-fast flash technology, products like IBM FlashSystem V840 Enterprise Performance Solution empower businesses to leverage the efficiency...
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success!