A hacker who calls himself LegitHacker97 has made a claim that he has hacked one of the sub domains of the website of the National Aeronautics and Space Organisation (NASA), which actually belongs to a computer of the U.S. Government. This is the most recent in a long list of such incidents where hackers have broken into many important government websites to steal information or to reveal the vulnerabilities that are there and this is not the first time that the NASA website has been hacked or somebody has exposed the security weaknesses of the space organisation. In fact it has been officially been confirmed by NASA officials that their website was hacked 13 times in the last year so this hack should come as no surprise.
The hacker has pasted a compressed archive file of 82.52 MB on the net five days ago, which includes the complete coding of the website in ASP. After downloading the file from the link posted by the hacker, it was found that the files included in the dump were the same that belonged to the NASA sub domain website https://nsckn.nasa.gov and the same address has been mentioned by the hacker. This leaves one to speculate how a hacker got entry into a sub domain that can be accessed only by authorised users.
Actually the domain https://nsckn.nasa.gov belongs to the NASA’s NSC Know Now centre which contains the information and access to the aerospace contractor community technical documentation related to the Space Launch System (SLS). To get the login, a contractor has to contact the designated official and create a profile. After creation of the profile, the contractor has to submit proof to the designated official that it is a U.S. based company and attach an affidavit for the same after which the access is provided as soon as possible by the designated officer Joseph McCollister.
When enquired about the way the hacker got access to the site, the hacker mentioned that he exploited the Local File Inclusion vulnerability in the site and gained access by uploading the backdoor to the site. Local File Inclusion vulnerabilities are commonly exploited by the hackers to gain access to such websites as these vulnerabilities allow hackers to add files of their own to the website server.
This means that hacker gained access by first establishing rapport with the designated officer of the NSC Know Now centre which helped in creating the profile. After which the hacker exploited the vulnerability and accessed the server which means that the hacker used social engineering to gain the trust of the officials. This is quite possible since a human error is practically irreparable and no cure is available for a little carelessness and it can become the weakest link in the security. However, the officials at NASA will have to make sure that such acts of fallacy in reasoning are not repeated and NASA will have to review its online security setup so that hackers are not allowed to gain access. This is because it is always a source of concern if government sites are blatantly hacked every now and then.