NASA Jet Propulsion Laboratory network was hacked by targeting a Raspberry Pi that wasn't supposed to be connected to it
- AnOffice of the Inspector General report says that a hacker accessed the network of NASA's Jet Propulsion Laboratory in Pasadena, CA in April 2018 by targeting an unauthorised Raspberry Pi, a small computer that is often used to make DIY projects.
- The report said that this reveals a weakness in the lab's cybersecurity, as devices can be added to the network without being properly vetted.
- During the April 2018 attack, the hacker stole 500 megabytes of data, including data about a Mars mission.
- For more stories go to www.businessinsider.co.za
A hacker accessed a NASA lab's network in April 2018, by targeting an unauthorized Raspberry Pi, a pocket-sized computer that connects to the Internet.
During the April 2018 attack, the hacker stole about 500 megabytes of data from 23 files, two of which contained information related to a Mars mission. The hacker used an external user account and moved undetected within JPL's network for about 1o months, according to a June Office of the Inspector General report about cybersecurity at NASA's Jet Propulsion Laboratory (JPL) in Pasadena, CA.
During this time, the hacker was able to poke for weaknesses, such as the Raspberry Pi. According to the report, this Raspberry Pi computer was not authorized, but it had been attached to the lab's network. In turn, the hacker was able to access this network by targeting the Raspberry Pi.
This shows a major weakness, the report says, as that devices can be added to the network without being identified and vetted by security officials. This device should not have been allowed on the network without approval.
The report also found that system administrators did not consistently update the inventory system when devices are added to the network. They have to update this inventory spreadsheet manually, and may not do so if the database isn't working or if system administrators forget to do so.
This opens the possibility of unauthorised devices being added onto the network.
The Raspberry Pi is often used as a tool for beginners to learn to code. This computer can be used to build DIY projects. Some projects that have been built with a Raspberry Pi include phone-activated coffee machines, arcade games, and dog treat dispensers.
Receive a single WhatsApp every morning with all our latest news: click here.
Also from Business Insider South Africa:
- We tried a vending machine that gives away free stuff – and it is coming to malls all around Gauteng soon
- We paid R130 for the American plant-based Beyond Burger that has created a R100 billion company – and it tasted just like meat
- Watch: Why pink Himalayan salt is so expensive
- A bride says her bridesmaid posted a photo of her wedding dress weeks before the big day and tagged the groom
- Here's how much data you're using while streaming Netflix, and how to change your data usage settings
- Microsoft reportedly bans its employees from using Slack for security reasons and encourages them to to use the Microsoft Teams app instead