Incidents

A Raspberry Pi device was used to hack NASA labs

NASA’s Jet Propulsion Laboratory was hacked in April last year; According to IT system audit experts, threat actors managed to steal around 500 MB of data about the missions carried out in this lab. Recently revealed incident reports mention that hackers used a Raspberry Pi board to access compromised systems.

According to reports from the information
security news portal Threatpost, the U.S. Office of Inspector General traced
the hack to a Raspberry Pi device connected to NASA
lab network without authorization. Hackers discovered and exploited the device
to access NASA’s network and multiple laboratory systems, such as the Deep
Space Network (DSN), the agency’s radio telescopes system. 

IT system audit experts believe that while any
security incident at NASA must be treated delicately, U.S. government agents
acted correctly at the start of an audit to find out what was the main trigger
of this problem. For experts, the ease with which hackers were able to navigate
through NASA different systems is worrying, mainly because of the large amount
of confidential information held by the agency.

According to IT system audit specialists of the
International Cyber Security Institute (IICS) another reason that may have
contributed to the security breach at NASA is the lack of visibility of the
Laboratory’s systems; in other words, security devices did not always manage to
identify and verify new devices connected to the network.

In addition, there were no security controls
inside the lab to prevent any third party from connecting to the agency’s IT
systems. Finally, the incident was not corrected in time, as the
vulnerabilities were identified, but remained uncorrected for nearly half a
year.

The good news is that NASA seems to have
learned the lesson, now the agency is doing the necessary work to strengthen
its computer systems to prevent a similar incident from reoccurring.

To Top

Pin It on Pinterest

Share This