Hacker Uses SQL Injection to Attack NASA Websites
A hacker recently attacked two NASA websites only to prove that they were vulnerable to 'SQL injection.' An SQL-injection attack is one where malicious code is injected into the site's data, which is then transmitted to an SQL server where it is parsed and executed.
After breaking into the Internet sites of the Software Engineering division and the Instrument Systems and Technology section of NASA, the attacker took screenshots of the hack and posted them online.
Gunter Ollmann, once an IBM security researcher and currently Vice President of Research at the security company Damballa, states that the hacker, alias "c0de.breaker," seems to have exploited the SQL-injection vulnerabilities along with insufficiently guarded access controls to leverage the attack, as reported by TheRegister on December 7, 2009.
Ollmann noted that the hack at NASA resulted in the leakage of login details of about 25 administrator accounts, as reported by SCMagazine on December 7, 2009. According to the VP, the hacker even managed to reach an online portal whose function was to manage and edit the targeted websites, thereby altering the administrators or content of the same.
Meanwhile, a NASA spokesperson refrained from commenting when asked about the hacking. However, a security analyst at the space agency spoke to Ollmann and informed him that the problems had been resolved and they were safe.
Commenting on the problem, Ollmann said that online criminals were always searching for websites that were easy to attack through SQL code injection, a problem that occurred again and again because of websites that got updated with new content.
In the NASA attack, the hacker discovered the security flaws, reported them to the agency and posted his discoveries only after NASA experts repaired the sites, Ollmann indicated. In a worse case, however, a hacker could break into the Web server and, through it, access other computers on which NASA regulated and edited its websites' content, so that drive-by downloads could be added to those sites.
The security researchers say that it is risky for hackers to meddle with websites run by NASA. Despite that, it is important for the agency to secure its websites as soon as possible to avoid any possible drive-by download attack.
» SPAMfighter News - 16-12-2009