ONSITE Overnight $100 - 1 Hour Minimum | Same Day $80 - 1 Hour Minimum | Next Day $70 - 1 Hour Minimum | MORE INFO...
Computer Repair fix IT services Business & Residential Toll Free: 1-800-432-1475 | Direct: (438)488-3296 - (347)389-2546

[ad_1]

Hackers discovered and targeted an unauthorized Raspberry Pi attached to the JPL network and exploited it to gain access and steal 500MB of data from major mission systems.


NASA Generic (Photo by Ethan Miller/Getty Images)

(Photo by Ethan Miller/Getty Images)

In April 2018, NASA’s Jet Propulsion Laboratory (JPL) was hacked and 500MB of data from major mission systems was stolen. A federal review of the incident has now revealed a Raspberry Pi was used to gain access to the system as well as the major security shortcomings present within NASA’s network that allowed the hack to succeed.

As Threatpost reports, the US Office of the Inspector General review traced the JPL hack back to a Raspberry Pi which had been connected to the JPL network without authorization. The hackers discovered and exploited the Pi to gain access to the network and then proceeded to access numerous JPL systems and the Deep Space Network (DSN). DSN is NASA’s international array of giant radio telescopes and the “largest and most sensitive scientific telecommunications system in the world.”

While any hack of NASA is of great concern, this one did at least trigger an audit and the discovery of just how poor the overall system security is within the space agency. The hackers were able to move freely between the different systems within the network because it’s setup as a shared, rather than segmented environment. This led to a concern the hackers could potentially gain access and initiate “malicious signals to human space flight missions.”

Other contributing factors as to why the hack was successful include a “lack of visibility into JPL systems” which meant new devices connected to the network weren’t always being identified and reviewed by a security official. Security controls were also lacking when it came to allowing third parties to connect to NASA’s IT systems. And finally, security problems weren’t being dealt with quickly enough, for example, security vulnerabilities were logged, but left unresolved for 180 days or more.

If there’s a positive to appear from this hack, it’s that the major shortcomings of NASA’s network security have been identified. NASA must now carry out the work to make its systems bulletproof from any future attacks, and it has agreed to do so following this review.

[ad_2]
Source link

No Comment

Comments are closed.