A hacker unlawfully accessed NASA’s Jet Propulsion Laboratory in 2018 by targeting an off-the-shelf micro-computer called a Raspberry Pi.
The violation was discovered in 2018 but just disclosed to the public in a June 18 report. Nasa came to know of an “unauthorized” Raspberry Pi that created a portal that allowed the unknown attacker access to the network for months until it was ultimately discovered and patched.
Img Src:the gal post
For those unfamiliar, a Raspberry Pi is a $35 micro-computer made popular by any number of school science projects (mostly involving a blinking light) or its occasional appearance in hacker movies or TV shows. Its price and size make it an attractive piece of hardware for the DIY crowd. And though it’s cheap and miniature in size, there are few limits to what it can do when placed in the right, or wrong, hands.
The Raspberry Pi wasn’t the culprit, but the victim in this case. The malicious user was using a superficial account which moved stealthily through NASA’s network for about 10 months, according to a June cybersecurity report from the Office of the Inspector General. He succeeded therein, searching 23 files, two of which contained information about the current Mars mission. According to a report, the hacker made off with approximately 500 megabytes worth of data.
Though the Raspberry Pi was never meant to be connected to the network, according to NASA — at least not without prior authorization.
Img SRC:tech the lead
This notified a bigger issue, that a non-investigated device connected to the network of one of our most secretive organizations, remained there for months, and walked off with half a gigabyte of data before being discovered. It's one of the major failures to allow these devices to connect to the network without being properly identified.
The problem could have been much worse. Actually, it’s a bit of a kick, knowing that NASA’s best cybersecurity efforts were thwarted by a $35 device anyone could purchase on Amazon.
Yet another big reminder that networks are only as strong as the humans who use them...