Raspberry Pi Used in JPL Breach
NASA report shows exfiltration totaling more than 100 GB of information since 2009.
Auditors' reports tend to make for dry reading. But NASA's Inspector General has delivered a report on "Cybersecurity Management and Oversight at the Jet Propulsion Laboratory" that includes twists and turns — like a hacker using a vulnerable, unapproved Raspberry Pi as a doorway into JPL systems.
That Raspberry Pi was responsible for 500 megabytes of NASA Mars mission data leaving JPL servers. The intrusion resulted in an advanced persistent threat (APT) that was active in JPL's network for more than a year before being discovered.
This was the most recent breach listed in the report. Other breaches noted date back to 2009 and include exfiltration totaling more than 100 gigabytes of information. Several of the intrusions feature command-and-control servers with IP addresses located in China, though the responsibility for the latest attack was not assigned to any country or actor.
The Inspector General's report makes a number of suggestions, including greater network segmentation, more rigorous external device approval, and an improved trouble ticket process, for improving cybersecurity at the lab.
Read more here.
About the Author(s)
You May Also Like
Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024Extending Access Management: Securing Access for all Identities, Devices, and Applications
June 4, 2024Assessing Software Supply Chain Risk
June 6, 2024Preventing Attackers From Wandering Through Your Enterprise Infrastructure
June 19, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024