It is easy to listen in on meetings of the Defence top leadership. According to de Volkskrant, an internal communication system that the Department uses for video conferencing is not properly secured.
The account of a top executive at the Defence Materiel Organisation is, according to de Volkskrant, protected with a factory default password. The newspaper was able to view the man's login page.
The newspaper did not eavesdrop on any meetings. It only showed that the man held meetings five times earlier this week.
The newspaper also viewed the address list with numbers and IP addresses of offices, barracks and probably the National Crisis Centre.
Cybercrime expert Rickey Gevers found the leak after a tip from hacker group Anonymous.
Defence says in response that the seven videoconferencing systems run over the Internet, and acknowledges that this can be easily hacked. The cyber security department had already warned about this, says a spokesman.
It is not known how many Defence employees use the systems.
From Rickey Gevers' blog:
Videoconferencing systems of Defence easy to hack
On Monday the 20th I was tipped off by hacker @ntisec. He tells me he has found something bizarre and does not know what to do with it. He told me that Anonymous has gone looking for holes in the government, has found one, and now wants to report it, so he can help the government. However, this finding may be of such high caliber that @ntisec does not want to burn his fingers on it. I tell him I will look at the data and then decide what to do with it.
@ntisec sends me, encrypted and through various channels, a manual for a video conference system and an IP address. The mission is: “log in with the default password on this IP.” The result is shocking. I end up in the video conference system of the Director of Marine Company CDRT Dr AJ de Waard. https://www.nidv.eu/Common/FileGateway.aspx?FileId=6c1d19c8-3e28-4a24-8f28-72723975d07e
Access to the system is protected with a username and password, but that is of course not very useful if it is the default one, which can be found anywhere on the Webz. Indeed, the system has no defense against a brute force attack. In this case we can say that almost all routers in the Netherlands, including the one in your home, are more secure, because those are in fact almost always not accessible via the Internet at all, let alone open to brute forcing. Besides the fact that it is very interesting that we can now get into the video conference system of a director, of all places one at the Department of Defense, the real fun begins when we look in the address book:
We arrive at a list with various IP numbers and phone numbers. If we look at the corresponding names, we know immediately which barracks they are … What that “Warroom” in The Hague really is, we can only speculate, of course. *cough*
I walk through the list to check that I am not being fooled. I check the IP numbers and login details:
BELGIUM: ADSL line skynet.be - offline
DMO @ The Haag_NL: BINGO! Defence Materiel Organisation - offline
DMO, TMO: BINGO! Support Command - offline
Hague: BINGO! Royal Air Force - ONLINE
Force Vision @ Den Helder, NL: http://www.defensie.nl/dmo/organisatie_dmo/directie_wapensystemen/ressort_zeesystemen/cams-force_vision CAMS-Force Vision - ONLINE
KSG @ Flushing, EN: Zeelandnet line (Header -> BINGO!) - ONLINE
LCW @ Woensdrecht-NL: BINGO! Support Command - offline
Test Site @ U.S.: Is indeed a test site. - Offline
Warroom @ The Hague-NL: BINGO! Support Command - offline
It is virtually inconceivable that anyone has put this together for fun. 4 sites provide a login capability, and these sites are apparently connected to the Internet. The sites thereby neatly report which software is running behind them, and in all cases this was indeed videoconferencing software. I note that one can try the password as often as one wants. Brute forcing is thus, once again, made veeery easy.
A spokesman for Defence responds (naturally) with reluctance, saying that the systems are rarely used. And although we have not watched or listened in on video conferences, the logging of the system teaches us the following. The logs of February 20 through February 21 (and I skip a lot of weird stuff):
February 20 3:31:18 p.m. VLC_readyConfigureOutput_Cnf: Waiting for VPE to configure HDMI output 1 …
February 21 9:14:48 VLC_readyGateQueryOutput_Cnf: PnP configure HDMI 2 to 1920×1080 @ 60Hz HDMI Received
February 21 9:15:24 Source Format Event videolink from 17 (1280×720 @ 60, digital , ok)
February 21 :: 9:16:23 _call makeOutgoingCall: Sending call request uri src = ‘h232: [- IP: The Hague -]’ to uri src = ‘h232 [- IP: Force Vision – ] ‘
February 21 4:00:47 p.m. Local Video Input Gate :: setIncomingMode (ig = 1) res = 1280×720 @ 6000
And this does suggest otherwise, as sources within our Defence also confirm.
Let’s face it, this is not nothing, and given the current deterrent effect of all the hackers who are condemned for simple hacks, it seems crazy to report these facts. But I am doing it anyway. I think it should be possible in this country to call out this kind of problem. If Anonymous can listen in on our conference calls, a cyber army can do so even more. We in the Netherlands would be very naive if it were not possible to raise these problems (without consequences). And should war ever break out, then we will probably suffer the consequences of this stupidity right away. With this blog I again want to make a statement.
The Dutch government condemns many young hackers, making a job in the security industry impossible for them. However, these are the very young, motivated individuals who can and will help the government advance!
We are off. A maintainer at Defence once purchased seven VTC systems for himself. These systems run on the regular, public internet. The cyber security department of Defence warns against such systems, because they can be easily hacked. And it shows. Defence regrets that this incident may give an impression of insecurity, but we emphasize that the private network was never in danger. Kind regards