Wednesday, 21 August, 2019

NASA's New Rover Gets Shiny New Set Of Wheels And Legs

Hackers Stole Data From NASA JPL Using Cheap Raspberry Pi Computer A rogue Raspberry Pi helped hackers access NASA JPL systems
Sandy Nunez | 23 June, 2019, 19:40

The Johnson Space Center in Houston disconnected its mission systems from JPL's exploited gateway because of fears that the hacker could move into its mission systems; it resumed using limited data in March 2019.

The report also points out that back in 2011, the same JPL department had suffered another data breach where cyber intruders had gained full access to 18 servers supporting key JPL missions and stole 87 gigabytes of data. The device was exploited easily by the hacker (s) who managed to access various JPL systems as well as the Deep Space Network (DSN), the name given to the global range of giant radio telescopes of NASA.

The report also revealed how poor overall system security is at the world's most prominent space agency. Apparently, the network was not always being identified and reviewed by a security official while adding new devices to the network.

Among a number of security flaws at JPL, including inadequate security controls, and a lack of admin visibility into network access, the investigators found that an unauthorised micro computer allowed hackers to gain access to steal the mission data.

Fernando Torres: Former Liverpool, Chelsea & Spain striker to retire
He will reveal more about his decision to retire at a press conference in Tokyo on Sunday at 1000 local time (0200BST). He also won the FA Cup and scored in their 2-1 win against Benfica in the Europa League final in 2013.

Simply put, "the device should not have been permitted on the JPL network without the JPL Office of the Chief Information Officer's (OCIO) review and approval", the report states. This led to a concern the hackers could potentially gain access and initiate "malicious signals to human space flight missions".

JPL uses a special database for tracking devices and applications on its network, but according to auditors, this was "incomplete and inaccurate". And finally, security problems weren't being dealt with quickly enough, for example, security vulnerabilities were logged, but left unresolved for 180 days or more.

And in 2014, the rover also located some sort of "white spot" which might've been a glint from the "rock surface reflecting the Sun", according to Dr Justin Maki, a scientist at NASA'S Jet Propulsion Lab. The OIG recommended fixes for a variety of security issues, and OIG will verify those fixes have been completed before closing its report.