According to the report, the hack took place back in 2018 with a Raspberry Pi device as cheap as $25.
Would you believe that even NASA’s security systems aren’t as reliable as we deem them to be? In fact, it is possible to hack NASA’s laboratory using $25 Raspberry Pi, as was revealed by the federal authorities after they conducted a review on the data breach involving one of NASA’s labs back in April 2018.
Reportedly, the Jet Propulsion Laboratory (JPL) of NASA was hacked in April 2018 and hackers managed to steal about 500 MB of data from the lab’s major mission system that is used to send robots in space. The hacker used a Raspberry Pi to access the system and exploit the security flaws within the network in order to successfully pull off the hack.
Raspberry Pi is a tiny device loaded with high-level capabilities. It is a very
According to a report,
It is also the world’s most sensitive and largest system of scientific telecommunications. Therefore, managing to access and exploit such a sensitive and high-end system using a cheap Pi device is definitely an issue of concern as it highlights the huge security flaws that were present in NASA’s network until 2018.
The review report also revealed that the system admins at NASA didn’t regularly update the inventory system and kept on adding new devices to the network. The report also included statements from system admins at NASA, one of whom admitted that:
“He didn’t regularly enter new devices into the ITSDB as required because the database’s updating function sometimes does not work and he later forgets to enter the asset information.”
NASA’s JPL’s network is shared instead of being segmented, which is another aspect that helped hackers access numerous of the space agency’s systems switch between different systems easily. With such poorly secure network setup anyone can gain access and send “malicious signals to human space flight missions,” the report explained.
Moreover, lack of appropriate security controls allowed third parties to connect to the IT systems of NASA and the space agency didn’t deal with security lapses as promptly as it is expected to since even the logged security flaws were left u resolved for over 180 days.
Nevertheless, now that the review report is published and the major shortcomings in NASA’s networks are identified, it is now the responsibility of NASA to ensure foolproof security systems.