Attackers infiltrated NASA’s network through a Raspberry Pi computer
- A recent report by NASA OIG disclosed that the attackers used a Raspberry Pi in its April 2018 data breach.
- It also mentions that the hackers stole around 500 MB of data in the breach.
The National Aeronautics and Space Administration (NASA) has confirmed that the April 2018 data breach was carried out using a Raspberry Pi. In a report published by the NASA Office of Inspector General (OIG) this week, the officials stated that the attackers stole around 500 MB of data, some of it related to Mars missions, from this breach. OIG says that the hackers primarily targeted NASA’s Jet Propulsion Laboratory (JPL) computer network.
- In the report titled “Cybersecurity Management And Oversight At The Jet Propulsion Laboratory”, OIG mentions that the unauthorized Rasperberry Pi was used as a point of entry to the network of JPL. A shared network gateway was subsequently hacked to move further inside the network.
- The report stated that around 500 MB of data was stolen from 23 files. Among these, two files contained information related to international traffic in arms regulations and projects such as the Mars Science Laboratory mission.
- Furthermore, it mentions that hackers successfully accessed two of the three primary JPL networks.
Potential Involvement of an APT
OIG suggests that the breach was possibly committed by an advanced persistent threat (APT) group. However, there was no mention of a specific group. “Given the architecture of JPL’s network, the attackers were able to expand their access upon entry and move laterally across the network. Classified as an advanced persistent threat, the attack went undetected for nearly a year,” OIG noted in the report.
After the incident, JPL has deployed additional monitoring agents on its firewalls in order to monitor suspicious activities on its network.