Raspberry Pi Used in JPL Breach
NASA report shows exfiltration totaling more than 100 GB of information since 2009.
Auditors' reports tend to make for dry reading. But NASA's Inspector General has delivered a report on "Cybersecurity Management and Oversight at the Jet Propulsion Laboratory" that includes twists and turns — like a hacker using a vulnerable, unapproved Raspberry Pi as a doorway into JPL systems.
That Raspberry Pi was responsible for 500 megabytes of NASA Mars mission data leaving JPL servers. The intrusion resulted in an advanced persistent threat (APT) that was active in JPL's network for more than a year before being discovered.
This was the most recent breach listed in the report. Other breaches noted date back to 2009 and include exfiltration totaling more than 100 gigabytes of information. Several of the intrusions feature command-and-control servers with IP addresses located in China, though the responsibility for the latest attack was not assigned to any country or actor.
The Inspector General's report makes a number of suggestions, including greater network segmentation, more rigorous external device approval, and an improved trouble ticket process, for improving cybersecurity at the lab.
Read more here.
About the Author
You May Also Like