A hacker used a tiny Raspberry Pi computer to intrude Jet Propulsion Laboratory network of NASA, carrying off sensitive data and forcing the temporary disconnection of space-flight systems revealed by the agency. April 2018 attack was not detected for almost a year, according to an audit report issued on June 18, and a probe is still undergoing to find the culprit.
A Raspberry Pi is a credit-card type device sold for about $35 that corks into home televisions and is used directly for teaching coding to the children and boost computing in evolving countries.
In earlier detection, the attacker was able to withdraw 23 files equaling to approximately 500 megabytes of data, published in the report by the Inspector General of NASA’s office.
The report also claimed, “more importantly, the attacker successfully accessed two of the three primary JPL networks ”.
The report also stated, “ officials were concerned the cyberattackers could move laterally from the gateway into their mission systems, potentially gaining access and initiating malicious signals to human space flight missions that use those systems.”
NASA came to query the honesty of its Deep Space Network data “and temporarily disconnected several space flight-related systems from the JPL network. ”
The contravention released as an outcome of a system administrator failing to modify the database which determines the access to the network of the devices. Consequently, a new device could be included without proper screening.
In response to the attack, the JPL “installed additional monitoring agents on its firewalls” and was checking network access agreements with its external partners, as per the report.