The media learned the passwords from the system control APU
MOSCOW — RIA Novosti. Ukrainian military used to access the servers of the automated command and control system “Dnipro” simple passwords like “123456” and “admin”, UNIAN reports with reference to the documents published by the journalist Alexander by Dubinsky.
The vulnerability was discovered during testing in may, database specialist, who served in the armed forces. He spoke about the problem to the operations duty officer of the military unit, but the password was never changed.
Then, the expert appealed to the SBU, the national security Council and the foreign intelligence Service of Ukraine. In the intelligence Department replied that this issue is not in their competence. The defense Ministry and the SBU, in turn, said that he had taken the necessary measures to correct the deficiencies.
However, in July, the same specialist found that a piece of equipment continued to use the same passwords, and in some cases the computers of the Ministry of defence it was possible to access just. In the NSDC reported that he had forwarded a second appeal to the war office and the SBU. Later the author of the hits disconnected from the system, organized a test of the General staff and threatened with criminal prosecution, found Dubinsky.
“Come the fourth month, and passwords for access to facilities, servers and computers of the Ministry of defense remain the same: 123654 admin and,” — said the journalist. According to him, using the vulnerability, a potential adversary can learn the set before the units APU tasks.