Brazilian Army gets hacked

Personal details of thousands of officers are leaked
Written by Angelica Mari, Contributing Writer

The Brazilian Army's servers got hacked earlier this week, resulting in personal details of about 7,000 officers getting leaked.

Motivations for the attack have been published online. The attack appears to have been prompted as retaliation against the supposedly inappropriate conduct of an Army team during a "capture the flag" (CTF) cybersecurity competition at the government's Center for Cyber Defence.

The Brazilian Army had been taking part in CTF events - contests where the goal is to attack and defend computers and networks using certain software and network structures - and, according to the hackers, officers had been winning the competitions by using forbidden technique WiFi deauth, which in practice is a denial-of-service attack.

As a result, national insurance numbers of officers, as well as their personal passwords used for access to the Army's websites have all been publishedon Monday (9).

"The security of the Brazilian Army is shameful. Each system has various critical vulnerabilities and in a short period of time, we took over the databases, servers running on different operational systems, email servers, several online platforms and the 'game over' was the domain controller," says the text published by the hackers.

"We know what you want. Just as in any other nation, your goal is to watch and control the population through electronic means," it says.

"Don't forget, you can play the game but the game board is ours," the hackers add, in a message to the Army.

The hackers have also invited others to do their "homework" by using the several thousand ID details to identify their owners and use their passwords to access other Army and government systems.

Details about 10 vulnerabilities of Army systems have also been made available and the hackers have issued a "Capture the Backdoor" challenge to the hacking community with a deadline of August 5, 2016 - the day the Rio Olympic Games will begin.

The Brazilian Army confirmed its servers had been hacked but added that the event did not affect the integrity of strategic defense systems used by the organization and that the incident is being investigated.

Editorial standards