“Ironically, a certificate found in the data archive reveals that the captain, whose system was compromised, recently completed the Cyber Awareness Challenge, but he did not set a password for an FTP server hosting sensitive files.”
https://thehackernews.com/2018/07/dark-web-military-drone_11.html?m=1