Classified NASA Files on Mars Mission Hacked in 'Advanced Persistent' Attack

© NASA . NASAimage from NASA Mars rover Opportunity of the Martian surface (NASA)
image from NASA Mars rover Opportunity of the Martian surface (NASA) - Sputnik International
Subscribe
NASA’s Jet Propulsion Laboratory (JPL) might boast top-notch technology to build Martian rovers and send them to search for life on the Red Planet, but it appears to be severely lacking in cybersecurity, with NASA sometimes unable to keep tabs on devices connected to its network.

A report published by NASA’s Office of the Inspector General states that rogues continuously hacked and nicked a total of 500 megabytes of data from NASA’s Jet Propulsion Laboratory in Pasadena without being detected for nearly a year. The breach was discovered in April 2018, the 49-page report said adding the hack included (among other documents) two files containing classified information on the Curiosity rover Mars mission.

The hackers were discovered to have used a credit card-sized computer - a Raspberry Pi device – as a point of entry, along with a compromised external user account to break into the JPL, with the hack largely repeating similar ones back in 2009, 2011, 2014, and 2016.

NASA’s OIG said the attack was classified as “an advanced persistent threat” stressing that the investigation into this incident is still underway.

The report blamed the JPL for failing to keep the Information Technology Security Database (ITSDB) complete, where JPL IT staff is expected to log every single device into the system on an individual basis. Incidentally, during the attack, the Raspberry I device was spotted as not having been entered into the ITSDB inventory.

Separately, the report pointed to security issues remaining unresolved over lengthy periods of time, despite making themselves obvious:

"We also found that security problem log tickets, created in the ITSDB when a potential or actual IT system security vulnerability is identified, were not resolved for extended periods of time-sometimes longer than 180 days”, the report said.

The issue has immediately been picked up on Twitter, with netizens eagerly sharing the link to the report:

“Great case study to push for Network Access Control (NAC). An unknown device should not be able to route to anywhere else on the network”, one noted, while another expressed pity over not being a security expert:

“If I was younger and choosing a career, Cyber Security would be it. I'd love it!” he said.

Many more were genuinely baffled by the news, apparently not expecting the breach to have happened in the landmark NASA laboratory:

Similar news was reported in December 2018, when the US Department of Justice charged two Chinese nationals with hacking cloud providers, NASA (NASA Goddard Space Centre and the Jet Propulsion Laboratory), and the US Navy.

The DoJ claimed then the pair were part of one of the Chinese government’s elite hacking groups known as APT10. Around the same time, NASA announced another breach: in a separate incident in October 2018, some digital intruder(s) got their hands on NASA employee-related data.

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала