The computer system serving the United States National Weather Service has been hacked by the Kosovo Hackers Security Group, according to popular reports. According to security expert Chrysostomos Daniel of Acunetix, the hacked data includes sensitive files, directory structures, as well as information that could later be used for re-accessing the system.
Daniel went on to say that the hacker group claimed that the hack was payback for US policies targeting Muslim countries. One of the members of Kosovo said that the hacks were payback for malware such as STUXNET and FLAME which targeted nuclear plants and refineries in Muslim countries.
Another security expert Paul Roberts said that not much was known about the Kosovo hackers and that they had threatened to release more hacks, now that the weather.gov hack has been executed. Roberts went on to say that the hack that was carried out on the United States Weather systems has allowed hackers to gain sensitive information such as administrative account names, which would allow subsequent attempts of a ‘brute force’ attack possible.
According to reports, the hackers exploited a ‘local file inclusion vulnerability’, which allowed them to gain access to the servers. However, if compared to the hack against the Climatic Research Unit (CRU) in November 2009, the recent attack did not compromise scientific data and only compromised system files.
