NASA hack blamed on unauthorised Raspberry Pi

Scathing report details ten years of security issues and malpractice


An unsecured and unauthorised Raspberry Pi device has been blamed for a 2018 security breach in NASA's Jet Propulsion Laboratory (JPL), a department plagued with cyber security vulnerabilities, according to a new report from NASA's Office of Inspector General.

The security breach in question saw hackers target a NASA employee's Raspberry Pi device, which wasn't authorised to connect to the JPL's network, and make off with 500MB of data from one of its major mission systems.


This was just one of the more recent incidents from the past ten years of "notable cyber security incidents that have compromised major segments of its IT network," according to the report.

Back in 2011, the same department fell victim to another security breach in which hackers gained full access to 18 servers that supported key missions, giving them read/write privileges to nearly all files, and stole 87GB of data. At the time, JPL managed 23 aircraft in active missions to Jupiter, Mars and Saturn.

Across the entire organisation, 13 hacks were reported in 2011 alone, with other incidents resulting in employee credentials being stolen because the agency failed to encrypt and protect sensitive data quickly enough, according to Paul Martin, NASA's inspector general, testifying before Congress at the time.


The latest investigation into the cyber security malpractice revealed myriad weaknesses in JPL's IT network, one lying in the database it uses to monitor and track its physical assets and applications on its network. The database the department used was inaccurate and incomplete, meaning JPL couldn't effectively monitor the entire network and react to security threats.


"There's been a failing of appropriate policy definition and demonstrable compliance issues," said Matt Walmsley, EMEA director at Vectra. "There have been technical gaps which have rendered JPL unaware of devices connected to their network and left them almost blind to indicators of active attackers who have defeated access and preventative controls and are now operating inside their network with impunity."

Beyond the Raspberry Pi discovery, the report also cited a more general weakness in network visibility as a key factor in the department's inability to secure its network.

"Further, we found that JPL's network gateway that controls partner access to a shared IT environment for specific missions and data had not been properly segmented to limit users only to those systems and applications for which they had approved access," the report added.

"This shortcoming enabled an attacker to gain unauthorized access to JPL's mission network through a compromised external user system."


The scathing report added that tickets created by the aforementioned network-monitoring database regarding detected vulnerabilities went unresolved for extended periods of time, in some cases more than 180 days. JPL system administrators were also confused about their responsibilities for managing and reviewing logs to identify malicious activity occurring on the network.

The report detailed a host of other issues in the safekeeping of the organisation's network, some of which deviated from industry best practices and advice from cyber security experts.

Of the 10 recommendations raised in the report, NASA has agreed to all but one: establishing a formal threat-hunting process, which IT experts recommended to "aggressively pursue" vulnerabilities that weren't just basic, surface-level issues.
