NASA Hack Blamed On Rogue Raspberry Pi

Share

In addition to mentioning the agency's 2011 security breach in which 87GB of data was stolen, the report discloses data theft that was discovered in April 2018.

An investigation apparently revealed "multiple IT security control weaknesses" that reduced "JPL's ability to prevent, detect, and mitigate attacks targeting its systems and networks, thereby exposing NASA systems and data to exploitation by cyber criminals".

Though the Pi had been hooked up to the network by the worker, lax controls over logging meant Nasa directors didn't comprehend it was current, stated the report.

A Rapsberry Pi is a credit card-sized microcomputer which offers similar functionality to a standard desktop computer, and subsequently it must be protected from any exploitation using the same level of security reserved for other computers connected to a secure network. This has been proved by a recent report which confirmed that a NASA lab was hacked using a Raspberry Pi.

Raspberry Pis are popular because they offer a deceptively capable platform in an itty-bitty form factor that's flawless for tinkering.

NASA JPL (Jet Propulsion Laboratory), a government funded research and development center, recently suffered a cyber security breach where one of the external user accounts were hacked, stealing approximately 500MB of data from its system.

The audit report really helpful that NASA does a greater job of monitoring its network and tighten up its hack attack policies.

Читайте также: Trump eyes more Iran sanctions; military action still on table

The hackers also gained access to several major missions, including NASA's Deep Space Network.

It is also the world's most sensitive and largest system of scientific telecommunications.

The review report also revealed that the system admins at NASA didn't regularly update the inventory system and kept on adding new devices to the network.

As soon as the attacker had received access, they then moved across the internal network by taking advantage of weak internal security controls that ought to have made it impossible to leap between different departmental techniques.

Moreover, lack of appropriate security controls allowed third parties to connect to the IT systems of NASA and the space agency didn't deal with security lapses as promptly as it is expected to since even the logged security flaws were left u resolved for over 180 days.

Did you enjoy reading this article?

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2019 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог

Share