It turns out that NASA's confidential data has been stolen using Raspberry Pi as an entry point


by Les Pounder

The NASA has confirmed in 2018 that the Jet Propulsion Laboratory (JPL) network has been hacked. According to reports, hacking crackers have stolen data using Raspberry Pi , which is connected to JPL's network without permission.

CYBERSECURITY MANAGEMENT AND OVERSIGHT AT THE JET PROPULSION LABORATORY
(PDF file) https://oig.nasa.gov/docs/IG-19-022.pdf


Hackers Steal 500 MB of NASA Data Using Cheap Raspberry Pi Computer | Digital Trends
https://www.digitaltrends.com/computing/hackers-steal-500-mb-nasa-data-raspberry-pi/


In an audit report published on June 18, 2019, NASA discovered in April 2018 that an account belonging to an external user had been compromised, and it had about 500 MB of data from one of its major mission systems I revealed that I was stolen.

The cracker intrudes into the system using Raspberry Pi, which is connected to JPL's network without permission. He stole 23 files over 10 months. Two of the stolen files contained information from the International Weapons and Transport Regulations (ITAR) on the spacecraft Mars Science Laboratory used in the Mars Exploration Mission.

by Billy Brown

According to the audit report, it was discovered that users on JPL's network were able to infiltrate systems and applications that were not authorized for access. In addition, it seems that the IT security database has not been updated due to a malfunction of the network management system. Normally, in order to connect a new device to the network, it is necessary to register it in the security database beforehand, but it seems that the registration procedure is often omitted due to a defect in the security database, so adding a new device to the network Devices were not properly tracked. As a result, they could not detect the existence of unauthorized Raspberry Pi and allowed them to invade.

It seems that NASA's system management team had left system vulnerabilities for half a year, and such sloppy network management led to the intrusion of outsiders into networks, and hacking was discovered for a long time The auditor said that did not happen.

Also, the cracker had access not only to JPL's mission system, but also to a communication network to exchange information between space and the earth. As a result, it is said that systems of multiple facilities such as Lyndon B. Johnson Space Center, which is in charge of the International Space Station program, were disconnected from the gateway. According to space center personnel, an attacker may be able to transmit malicious signals to astronauts on space missions by invading the space center's mission system. about.

by NASA's Marshall Space Flight Center

Information security analyst Mike Thompson points out that NASA and JPL are targeted by crackers around the world because they have many patents on cutting-edge technology.

in Hardware,   Security, Posted by log1i_yk