Unbelievable.
The Jet Propulsion Laboratory, which is specifically designed to send robots to space was hacked last year. The hacker took 500 MB of important data which was all about the next missions that NASA was involved in. How? Well, they simply used a $25 Raspberry Pi which successfully breached through the paltry security of the place.
Not much of a genius, then?
What is Raspberry Pi?
Well, it is a very popular device that is loaded with several hi-tech capabilities. It is cheap, it can store data up to a huge limit, has a good shelf time, and is easy to use and carry. Probably why most hackers use this instead of other large scale hacking devices, that might get the job done better, but would also require a lot of manpower.
As the reports say, the breach in NASA’s data was examined by the US office of the Inspector General, who then traced it back to an unauthenticated Raspberry Pi device that was connected to one of the laboratory’s network consoles. The device not only stole data, but the hackers also accessed the Deep Space Network, the name popularly given to the giant set of radio telescopes that NASA operates.
Also, being that this is the world’s largest system of scientific telecommunications, this breach in security was seen as worrying, especially because someone got away with a boatload of data on such a cheap device. More so than worrying, it was shameful that an organisation as important as NASA had such faulty networks till 2018.
The review also stated that most of the workers in the labs didn’t update the inventory as they kept on increasing the number of devices to the main network. In fact, one worker admitted that the servers sometimes didn’t work when they were trying to add networks. And later, they simply forgot to assimilate it all.
Further, the network of JPL isn’t isolated or segmented. It is shared with the other sectors. This also enabled the hackers to easily go through multiple networks and in the main server of JPL. This is particularly worrying, for such a poor setup for network security might get potentially dangerous as malicious signals would be sent to jeopardise missions in space.