Iranian Hackers Compromise NASA SSL Certificate, Agency Investigates

On May 16, a group of Iranian hackers and programmers operating under the name of Cyber Warriors Team claimed to have compromised an SSL certificate issued to the Research and Education Support Services of NASA.

A space agency representative revealed that they’re currently investigating the incident, SecurityWeek reports.

According to a statement released by the group on Pastebin, they needed the certificate to perform a man-in-the-middle attack.

Judging by a screenshot the hackers published, the certificate was utilized on the site of NASA’s Solicitation and Proposal Integrated Review and Evaluation System (NSPIRES)

They managed to leverage a security hole in the login system, which allowed them to obtain the administrator’s username and password.

“Our main work and we target Is in use. Our target was not Internet sabotage (sic),” the Iranians wrote.

“Our Target was Do ‘MAN IN THE MIDDLE’ attack (with using Confirmation obtained) and also Clear the track after each connection in the network For Hide and Disclosing my presence in Two-way communication between. But the problem still exists And its use isn't Hard For We (CW.T) (sic),” they explained.

The hackers state that they gained access to thousands of record sets belonging to NASA researchers.

For now, there aren’t too many details regarding the man-in-the-middle attack, but they claim that they will release a video to demonstrate their actions.

If the incident turns out to be real, it wouldn’t be the first time NASA systems are breached. Disregarding the large number of cross-site scripting vulnerabilities found on the organization’s sites by hackers and security researchers, the number of breaches that affected the space agency is considerably high.

In February, NASA representatives admitted that in 2010 and 2011 they had been targeted by 5,408 cyberattacks. Since that report, a number of security experts claimed that some improvements were seen as far as website flaws were concerned. However, there’s still a long way to go before they can say that their systems are 100% secure.