Skip to main content

Netgear router bug let hackers steal classified documents on drones, tanks

Netgear says exploit that led to stolen documents was fixed a long time ago

A U.S. Air Force MQ-9 Reaper drone. EthanMiller/GettyImages

Hackers have managed to gain entry to classified documents on an Air Force captain’s computer after they exploited a known flaw in a Netgear router. Although the full extent of the data theft is still being quantified, the maintenance documents for the MQ-9 Reaper drone were stolen, as well as training manuals for the M1 Abrams tank, and defense tactics for tackling improvised explosive devices, were all found for sale on the dark web, Ars Technica reported. Netgear has since clarified to Digital Trends that the exploit used in the attack was fixed a long time ago in several firmware updates to its hardware.

Making sure to update your passwords (save them in a password manager) and firmware for any device connected to the internet is a must for many reasons, but security is the biggest one. As with many military organizations though, it appears that the U.S. Air Force fell behind on its updates, and a hacker was able to gain entry to a closed network in May through a Netgear router that had not been updated to fix a long-known exploit. Simply changing the admin password on the router would have fixed that flaw, too, but since it had not been altered, a hacker was able to gain entry and made off with a number of classified materials.

“Netgear has previously released a firmware that fixes this issue. We ensure that remote services are disabled by default, and passwords are required to be configured during device setup,” Netgear senior product security program manager Lisa Napier told Digital Trends. She also said Netgear customers were all notified via email when firmware updates were released, and that it encouraged automated updates to ensure hardware remained up-to-date.

Those are steps the Air Force appears not to have taken. This hack was only discovered when threat intelligence company Recorded Future found the stolen documents for sale on the dark web. Training manuals, maintenance documents, course books, and even footage from border patrol drones and surveillance cameras were all in possession by the party claiming to be responsible for the hack. While not all of it was highly classified or sensitive information, some of it most certainly was and that raises serious questions about the Air Force’s digital security.

Even more so is the fact that the Air Force captain whose system was compromised as part of the attack, had only recently completed a “Cyber Awareness Challenge” in February — three months before the hack took place. Clearly, there are lessons still to be learned.

The most positive takeaway from this event is that Recorded Future’s Insikt Group claims to have discovered the name and country of residence of the person(s) responsible for the hack, so it may be that some justice is meted out in the future. It claims to be working with law enforcement as part of the ongoing investigation.

Updated on July 13: Added the official statement from Netgear.

Editors' Recommendations

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Hackers targeted AMD to steal huge 450GB of top-secret data
A depiction of a hacker breaking into a system via the use of code.

A data extortion group known as RansomHouse has asserted that it has stolen upwards of 450GB of sensitive data from AMD.

Team Red has since confirmed that it launched an investigation into the matter after the situation came to light.

Read more
Netgear’s new Nighthawk gaming router brings Wi-Fi 6E speeds to the masses
The Nighthawk RAXE300 on a tabletop in a home.

If you love the design -- and performance -- of Netgear's tried and trusted wing-shaped Nighthawk routers, the latest Nighthawk RAXE300 should catch your eye. The RAXE300 is a Wi-Fi 6E router that was announced ahead of CES this year, and this new, more affordable model joins the much beloved and more premium RAXE500, which is one of our favorite gaming routers on the market today.

Like the premium RAXE500, the RAXE300's adoption of Wi-Fi 6E should lead to better performance with more spectrum, more high bandwidth channels, and less interference with reduced latency, according to Netgear.

Read more
Netgear’s $1,500 Orbi mesh Wi-Fi 6E router promises double the speed
Netgear's Orbi RBKE963 is a terrific Wi-Fi 6E mesh network.

Netgear's latest Orbi is a mesh Wi-Fi 6E network that claims to deliver some impressive-sounding speeds. This Wi-Fi 6E mesh router comes with a quad-band design and a new 6GHz band -- you just need a home or office broadband plan that can deliver the speeds to take advantage of the Orbi's features.

That promises speeds double what is achievable on the conventional 5GHz band found on most routers and whole-home mesh systems today. This means that the Orbi can reach a theoretical speed of 10.8Gbps.

Read more