In a recent report , NASA has revealed that hackers used an unauthorized Raspberry Pi to gain access to the JPL network back in April 2018. According to the space agency, hackers stole 500MB data that contained valuable data related to NASA’s ‘critical mission’.
In the report, NASA Inspector General Office of Audits revealed the findings from previous incidents. In addition to disclosing the breach from 2011 that allowed the hackers to gain access to over 87GB of data, the report revealed the actions that led to the data theft on April 2018. Additionally, the report noted that NASA uses a web app for tracking and managing its applications which contributed to the attack.
According to the space agency, when the team from IT department receives an equipment notification, managers are given 30 days to assign the new properties to system security plans. However, during the investigation, the officials found that the system administrators did not consistently update the inventory when they added a new device to the network leading up to the incident.
2018 attack was a direct consequence of lack of security for new equipment. At the time, hackers used an unauthorized Raspberry Pi to get access to JPL network and were able to steal the data in discussion. Shortly afterwards, NASA’s Johnson Space Center closed its connection from gateway to protect space flight missions.
At the time, the Johnson Space network closed the connection as the attack could ‘move laterally from the gateway into their mission systems, potentially gaining access and initiating malicious signals to human space flight missions that use those systems.’ While the Space Center has reestablished the connection seven months later, it is still concerned about potential attacks due to vulnerabilities, the report stated.