We really don’t need to fear the little green man with lasers when we’ve got a bigger threat right here, on earth. A recently published report from NASA’s Office of Inspector General reveals that the Jet Propulsion Laboratory’s IT infrastructure has been compromised in early April 2018.
The investigators discovered that hackers managed to steal 500 MB-worth of data from an unsecured terminal using a modified version of Raspberry Pie nanocomputer.
It would also appear that the malware code also locked some database segments, the hackers demanding ransom in order to release the data.
The Secrets of the Known Universe…Stolen
Here’s a question for you – let’s say you want to learn more about Curiosity’s latest finds or about Pluto or whatever. What’s your approach? If stealing the data directly from NASA’s JPL using a modded Raspberry Pie computer was your answer, then you get a golden star.
Indeed, the Jet Propulsion Lab’s computers got hacked, but it took the space agency ten months to make this incident public. Why? I can’t say for certain.
Maybe it has something to do with NASA being hacked by a person who tapped into a computer belonging one of the most secure locations on our planet!
Rant aside, according to the recently published investigation, person or persons unknown got inside the laboratory and somehow managed to hook up a modified Raspberry Pie nano-computer to one of the servers.
Normally, sneaking in a device should be impossible, considering that all employees are required to register all electronics before going inside the lab. Apparently, the standard procedure was not observed in this case.
Obviously, there’s more here than meets the eye – OIG’s report didn’t say anything about accomplices, but considering how this job was pulled off, we can definitely state that there was more than one person involved.
Anyway, as far as the damage is concerned, OIG’s report estimates that some 500 MB of data was stolen, some of it being used in ransomware attacks. The data contained mission reports, vehicle telemetry, incident notes, and “lessons learned” as NASA noted.
With the incident made public, OIG also announced that the culprits for the info leak had been dealt with.
According to the said report, the persons responsible for this incident were several system administrators who “did not consistently update the inventory system when they added devices to the network “The target was NASA’s Information Technology Security Database.
In commenting on the event, OIG declared that this cybersecurity breach was due to lackadaisical security measures. Unfortunately, there is no way to retrieve the stolen information which is probably on the dark web somewhere, waiting to be bought.
NASA’s recently disclosed incident shows us two things. First, no server or PC is impervious to cyber attacks. Second, Raspberry Pie rocks!
To think that a thing that can fit in the palm of your hand can do this much damage! So, what’s your take on this incident? Do you think the hacker found out stuff about alien lifeforms or maybe a new type of spaceship? Head to the comments section and let me know.