Hacker used Raspberry Pi computer to steal restricted NASA data

A Raspberry Pi, two of which are pictured, is a credit-card sized device sold for about $30 that plugs into home televisions and
A Raspberry Pi, two of which are pictured, is a credit-card sized device sold for about $30 that plugs into home televisions and is used mainly to teach coding to children and promote computing in developing countries

A hacker used a tiny Raspberry Pi computer to infiltrate NASA's Jet Propulsion Laboratory network, stealing sensitive data and forcing the temporary disconnection of space-flight systems, the agency has revealed.

The April 2018 attack went undetected for nearly a year, according to an audit issued on June 18, and an investigation is still underway to find the culprit.

A Raspberry Pi is a credit-card sized device sold for about $35 that plugs into home televisions and is used mainly to teach coding to children and promote computing in developing countries.

Prior to detection, the attacker was able to exfiltrate 23 files amounting to approximately 500 megabytes of data, the report from NASA's Office of inspector General said.

These included two restricted files from the Mars Science Laboratory mission, which handles the Curiosity Rover, and information relating to the International Traffic in Arms Regulations which restrict the export of US defense and military technologies.

"More importantly, the attacker successfully accessed two of the three primary JPL networks," the report said.

"Officials were concerned the cyberattackers could move laterally from the gateway into their mission systems, potentially gaining access and initiating malicious signals to human space flight missions that use those systems."

NASA came to question the integrity of its Deep Space Network data "and temporarily disconnected several space flight-related systems from the JPL network."

The breach came about as a result of a system administrator failing to update the database that determines which devices have access to the network. As a result, new devices could be added without proper vetting.

In response to the attack, the JPL "installed additional monitoring agents on its firewalls" and was reviewing access agreements with its external partners, the report said.


Explore further

NASA computer servers vulnerable to attack: audit

© 2019 AFP

Citation: Hacker used Raspberry Pi computer to steal restricted NASA data (2019, June 25) retrieved 18 September 2019 from https://techxplore.com/news/2019-06-hacker-raspberry-pi-restricted-nasa.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
3 shares

Feedback to editors

User comments

Jun 25, 2019
Give that system admin da Bronx Cheer......da 'rasperry'! Of course a real rasberry PIE in his/her face would do ...toooo. I have to do 'net census' occasionally in my other house as it is in the middle of an 'old folks' (55+) neighborhood too as many poor folks are not against riding on your internet wi-fi. This includes cell fones too. That passing MS-13 guy dressed all in black on a black bicycle riding by at 0300 in the morning may be riding on the internet YOU pay for ...TOO, besides griftin' your trash bin for names he can steal, credit card numbas', bank account numbas', etc.

Jun 26, 2019
My Gawd, a humble rasberry Pi used to hack. what is the world coming to.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more