NASA research lab was hacked with extremely simple circuit board

NASA research lab was hacked with extremely simple circuit board
The attack caused NASA’s research department to lose 500 MB of data related to Mars missions. NASA’s investigation bureau has just released a report on the attack in April/2018, causing NASA to lose data on missions to Mars. It is worth noting that the attack came from a very basic Rasberry Pi board, which was connected to the network of Jet Engine Research (JPL). According to the investigation department’s report, hackers used this connection to penetrate deeper into NASA’s network through peer-to-peer sharing. Hackers have accessed the server that contains data on jet engine tasks on Mars, thereby stealing about 500 MB of data. In addition, investigators said hackers also approached the network of the Deep Space Network mission (DSN), a system of satellites that ensured the mission of transmitting information among NASA’s spacecraft. After discovering the attack, many NASA facilities disconnected from the JPL and DSN’s network due to concerns that hackers might be attacked. The attack took place from April 2018, but it was nearly a year later that it was discovered. According to the investigation department, the JPL database system is too old and lacks security, leading to the penetration. After being hacked by the Raspberry Pi board, the system also does not record the information to serve the investigation. The system administrators are also not interested in any new statements about devices connected to this network. In addition, the network at JPL is a shared network, not re-partitioned, which allows hackers to easily move between different systems. In addition, these weak security settings could be a flaw for hackers to exploit and create “malicious signals on human space missions”. In October 2018, two Chinese national hackers were accused of attacking cloud service providers, NASA and the US Navy. According to the US Department of Justice, these two hackers are part of the Chinese government’s APT10 network security group. However, the US Department of Justice did not say whether or not hackers attacked JPL in April 2018.
Tags:

Share this post