Hackers use a $25 Raspberry Pi computer to breach NASA JPL

Lunokhod 1 was the first remote-controlled rover to land on an object in space the moon in this case. It was built by the Soviet Union and landed on November 1970. Image credit NASA  Dave Scott

A rogue Raspberry Pi helped hackers access NASA JPL systems

The attacker who used the gadget to hack the network went undetected for about ten months.

That's according to a recent audit by the agency's Office of Inspector General, which reveals a number of security weaknesses affecting its Jet Propulsion Laboratory (JPL).

Auditors found users on JPL's network hadn't been limited to just the systems and applications they'd been approved to access. Or perhaps it's more accurate to say the lab mismanaged the database and that, combined with other lackadaisical security practices, led to a Raspberry Pi being used to hack a NASA research laboratory.

"Samuel L. Jackson Blasts "Spider-Man: "Far From Home" For Error: "#HeadsGonRoll"
He then added the hashtag #headsgonroll , and another that's a tad too sweary to be reproduced, so you can judge for yourself its level of obscenity below.

A Rapsberry Pi is a credit card-sized microcomputer which offers similar functionality to a standard desktop computer, and subsequently it must be protected from any exploitation using the same level of security reserved for other computers connected to a secure network.

Raspberry Pi is a teeny-tiny device that can be tinkered with to gain deceptively high capabilities. NASA has done things like this before when they launched the InSight lander back in 2018 and once when they sent the OSIRIS-REx spacecraft to the asteroid Bennu.

OIG has addressed ten recommendations made in the audit report, of which NASA has agreed to all but one: to establish a formal and documented threat-hunting process, stating that NASA's position being, "that this is not the responsibility of Caltech as a NASA contractor".

Bayliss still eager for England to play attacking cricket
Though their fourth encounter against Sri Lanka was abandoned due to bad weather conditions at Bristol County stadium. They are still fairly likely to make it through thanks to the number of wins - four - and their strong net run-rate.

However, report labels the ITSDB as "inaccurate" and "incomplete", saying that it makes JPL more prone to security related incidents.

"One system administrator told us he does not regularly enter new devices into the ITSDB as required because the database's updating function sometimes does not work and he later forgets to enter the asset information".

As smartly as to having reduced visibility to devices linked to its network and to no longer retaining assorted substances of its network separate, investigators bear moreover discovered cases of security tickets no longer being resolved for extended lessons of time.

Chennai to get 10m litres water daily by train from Vellore
Water tanker trucks are being hijacked and violence is erupting between neighboring housing settlements, said Sharma. People fighting in queues for water, many unable to take showers, and hotels warning people about water usage.

Nevertheless, now that the review report is published and the major shortcomings in NASA's networks are identified, it is now the responsibility of NASA to ensure foolproof security systems. Yes, you read it right as NASA is giving you an opportunity to have your name shipped on a celestial body.

Latest News