Attackers stole NASA. They needed a Raspberry Pi and bandits – Živě.cz


NASA's Office of Internal Audit has published a comprehensive report (PDF) on the lack of safety of one of the most well-known Jet Propulsion Laboratory (JPL). Last year hackers attacked and stolen at least 500 MB of confidential data.

Data theft and espionage are quite common nowadays, but this case is a little out of the question because the criminals entered the internal network through the Raspberry Pi poorly achieved!

The popular prototype microcomputer was probably launched by one of the organization's engineers on NASA's network, and OIG criticizes JPL's IT department for the new, unauthorized device to be detected and possibly blocked.

click to enlargeclick to enlargeclick to enlargeclick to enlarge
Raspberry Pi Zero W and other network equipment capable of attacking LAN / WLAN and LoRa in one of the working places of the Czech Republic (illustrative photo of the Živě.cz editorial)

It seems that network administrators did not adhere to very strict regulations and the attacker abused some of the vulnerabilities. Once dominated by Raspberry Pi, it entered the internal network and was able to easily download data. It should be noted that this is not NASA's first security incident. The US Air and Space Agency has dealt with problems years ago.

The entire security audit at NASA's JPL:


Source link