NASA and the European Space Agency (ESA) have both fixed security flaws that enabled a new hacking group to recently breach their servers. The hackers, calling themselves "The Unknowns," told SecurityNewsDaily the space agencies' quick action validates their ethical exploits.
In a statement to ZDNet, NASA confirmed that officials detected the network intrusion on April 20, but that "at no point was sensitive or controlled information compromised." The ESA also confirmed it fell victim to The Unknowns.
On May 1, The Unknowns burst on the scene with a list of high-profile government targets it claimed to have hacked, including Harvard University, Renault, the U.S. Military's Joint Pathology Center, the Thai Royal Navy and the Ministries of Defense of France and Bahrain. In their dispatch, the hackers told the affected parties to contact them to learn exactly how their particular servers were exploited, and how they could be patched.
That NASA and the ESA addressed the security vulnerabilities validates the hackers' mission, the group says. In a May 4 email to SecurityNewsDaily, The Unknowns pointed to a Pastebin message, posted that same day, that explains the group's ethical stance and how NASA and the ESA's quick fix means that the Unknowns' network intrusions served their intended purpose.
"We decided to hack these sites for a reason," The Unknown's message reads. "These websites are important, we understand that we harmed the victims and we're sorry for that — we're soon going to email them all the information they need to know about the penetrations we did."
The Unknowns continued: "We still think that what we did helped them, because right now they know that their security is weak and that it should be fixed. We wanted to gain the trust of others, people now trust us, we're getting lots of emails from people we never knew, asking us to check their website's security and that's what we want to do."
"Our goal was never to harm anyone, we want to make this whole Internet world more secured because, simply, it's not at all and we want to help."
In contrast to the havoc-wreaking bent of other hacktivist groups, The Unknowns closed its message with a decidedly altruistic statement.
"We don't want revolutions, we don't want chaos, we just want to protect the people out there. Websites are not secured, people are not secured, computers are not secured, nothing is...We're here to help and we're asking nothing in exchange."