A Swiss hacker stumbled across the FBI’s no-fly list

It seems the federal government’s reputation is taking more damage every week these days, and the actions of a hacker in Switzerland are just the latest blow to law enforcement’s once-stellar reputation for security.

On Thursday, a security researcher published a blog post showing how she allegedly easily hacked an insecure server and gained access to the US government’s Terrorist Screening Database and its controversial “No Fly List,” which includes the names of hundreds of thousands of people suspected of being linked to terrorism or other illegal activities.

The server was apparently under the control of US national airline CommuteAir and their hacking led them to the government files.

In her blog entrythe hacker, known as the “Maia Arson Crimew,” said that within half an hour she uncovered the names and flight schedules of CommuteAir crews and found safety credentials that would allow her to access the Transportation Safety Administration’s (TSA) no-fly list .

The list she found contained more than 1.5 million names, along with lists of aliases they are allowed to travel under and names the federal government has marked as banned from US air travel Daily point reported.

Trend:

‘Tired of the s*** show’, Senator Lindsey Graham calls for joint military effort – ‘World order is at stake’

“The list featured several notable figures, including recently freed Russian arms dealer Viktor Bout, alongside over 16 potential aliases for him,” the Daily Dot added.

The list included a large number of people with Arabic and Middle Eastern-sounding names, as well as suspected members of the Irish paramilitary, IRA and other terrorists. One person was eight years old according to the date of birth associated with the name.

“It’s just insane to me how big this Terrorism Screening Database is and yet with the millions of entries there are still very clear trends towards almost exclusively Arabic and Russian sounding names,” Crimew told the Daily Dot.

The TSA released a statement simply saying it was “aware of a potential cybersecurity incident” involving the airline’s servers, and the FBI did not comment on the incident at all.

Do you think the FBI should be disbanded?

For its part, CommuteAir said the server the hacker breached was not its working server, but a “development server” used to store training materials and programs.

CommuteAir added that the server, which they have since taken offline, also contained no customer information.

The airline also found that the no-fly list the hacker found was out of date.

“The server contained data from a version of the 2019 federal no-fly list that included first and last names and dates of birth,” CommuteAir corporate communications manager Erik Kane told the Daily Dot.

“In addition, certain CommuteAir employee and flight information was accessible. We have submitted a notification to the Cybersecurity and Infrastructure Security Agency and are proceeding with a full investigation.”

Related:

‘It’s like 2 became FBIs’: Ex-agent reveals moment everything went politically armed

While that may be true, the server contained the names, addresses and even passport numbers of around 900 CommuteAir employees and also poses a problem for airport security.

have activists blown up the no-fly list for their bias towards Arabic and Middle Eastern names, and Crimew also drew attention to the apparent bias Business Insider, “Looking at the files just confirms a lot of the things that I, and probably everyone else, sort of suspected about the biases in this list. Just scroll through, you will see that almost every name is Middle Eastern.”

Interestingly, the no-fly list is not considered a classified document due to the large number of government agencies and companies that need access to it. Still, this is one of the first times it has been exposed by people outside of the travel industry and law enforcement. But it has also become even more controversial recently as airlines started adding names of customers who would not wear a mask during the pandemic.

Business Insider noted that the hacker was a “staunch leftist and anti-capitalist” who had previously been “charged with conspiracy, wire fraud and aggravated identity theft in connection with a previous hack in 2021.” The case The hacker attack on US surveillance cameras is still pending.

“The DOJ alleges that she and several co-conspirators hacked into dozens of corporations and government agencies and leaked more than 100 sites’ private victim information,” the insider added.

Coincidentally, CommuteAir was also hacked back in November. That fact prompted Crimew to dryly note that this second security breach could finally get the company to take its cybersecurity seriously.

“Even the fact that they had been hacked before apparently wasn’t enough to really invest in it. And that really just shows where the priorities are,” Crimew said, adding, “I just hope maybe they learned their lesson the second time around.”

However, whether or not the list of uncovered crimes was “out of date” is entirely irrelevant. The fact that the hacker was able to find such sensitive information and access points that would allow him to carry out further breaches is the real problem. It shows that far too many companies with access to government servers and information do not take their computer security seriously enough, a fact that leaves us all vulnerable to attack.

https://www.westernjournal.com/swiss-hacker-stumbled-upon-fbis-no-fly-list-found-disturbing-report/ A Swiss hacker stumbled across the FBI’s no-fly list

Linh

Pechip.com is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@pechip.com. The content will be deleted within 24 hours.

Related Articles

Back to top button