Skip to main content
  1. Home
  2. Computing
  3. News

NASA hacked: 500 MB of mission data stolen through a Raspberry Pi computer

By

The National Aeronautics and Space Administration confirmed that its Jet Propulsion Laboratory (JPL) was hacked last year, with the attacker able to steal 500 MB of data related to the space agency’s missions using a cheap Raspberry Pi computer.

The Raspberry Pi, priced at about $36 for the basic board, is one of the most versatile and understated computing platforms available in the market. The credit card-sized computer is perfect for projects such as a retro gaming station or a smart home gadgets base station, but a hacker has apparently found a twisted use for it.

NASA, in an audit report, revealed that in April 2018, JPL discovered an account that belonged to external user was compromised, and was used to steal about 500 MB of data from one of its major mission systems.

Related

The account was compromised by a hacker who used a Raspberry Pi to gain unauthorized access to the JPL network. The attacker then took advantage of the weaknesses in the laboratory’s network to remain undetected for 10 months, stealing 23 files in the process. Two of these files contained information on International Traffic in Arms Regulations, which controls the transfer of military and space-related technology, related to the Mars Science Laboratory Mission.

The auditors discovered that users on JPL’s network were able to enter systems and applications that they were not approved to access. The system administrators also did not properly track the devices added to the network. These shortcomings allowed the hacker to deeply infiltrate the network and remain undetected for a long time.

The breach was so widespread that the Johnson Space Center, which is responsible for programs such as the International Space Station, disconnected from the gateway. The space center’s officials were concerned that the hacker might be able to move into their mission systems, which may give the attacker the ability to send malicious signals to human space flight missions.

NASA and its laboratories are lucrative targets for hackers due to the agency’s research and development, which includes patents on cutting-edge technology, information security analyst Mike Thompson told Forbes. Ethical hacker John Opdenakker, meanwhile, pondered why NASA published the audit report, when it clearly stated that there were still some “critical vulnerabilities” at JPL’s systems.

Editors’ Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received a NES and a copy of Super Mario Bros. for Christmas when he was 4 years old, and he has been fascinated with…
Raspberry Pi celebrates its eighth birthday with a serious price cut
raspberry pi 4 35 desktop pc screenshot

Raspberry Pi will soon be celebrating its eighth birthday (officially on February 29), and it's doing it in style by doubling the memory on its base model while keeping the price the same.

Thanks to declining prices of memory, for this celebration, you can score the 2GB Raspberry Pi 4 for $35. That's a $10 price drop that makes this upgrade cost the same as the base $35 1GB edition.

Read more
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more