The National Aeronautics and Space Administration (NASA), responsible for cutting-edge technology in science and space, recently had 500 MB of data stolen from their Jet Propulsion Laboratory.
One might ponder at the expected enormous amount of computing power required to breach such a reputable technology system, but the perpetrator managed to complete the task using only a $25 Raspberry Pi, a barebones computer that can fit in the palms of your hands.
The Raspberry Pi hack went undetected for 10 months, according to the NASA Office of Inspector General, and the perpetrator stole 500 MB of data from 23 files. Two of those files contained information on the transfer of restricted military and space technology related to the Mars Curiosity Rover mission, according to the June audit report.
While the intruder has evaded authorities, the audit report highlights that other devices were also attached to the network without NASA's knowledge. But none of the other devices have been marked as a security risk or an "advanced persistent threat," a term usually meant for nation-state hacking groups.
As a result of the hack, NASA stopped some of its agencies from using a core gateway due to fear that the hacker could harm currently active spacecraft. It's also one of the reasons why public WiFi is so unsafe.
According to the space agency's recent report, NASA had failed at even the most basic institutional security practices. Because their IT inventory was incomplete and inaccurate, the JPL couldn’t effectively monitor and report security incidents. Therefore, the cybercriminals were able to connect to the network without authorization and remained undiscovered.
Additionally, the agency did not separate its networks, so the hackers were able to move across them. They accessed two of the three primary JPL networks and got as far as the Deep Space Network. This is a global satellite network that sends and receives information to spacecraft on active missions. The system could be used to send malicious signals to human space flight missions.
The breach went undetected for nearly a year. Surprisingly, the NASA report admits that some of the security flaws are still not fixed.
The fact that hackers were able to breach JPL with a Raspberry Pi means that even the most technologically advanced organization in the world is not immune to a cheap, easy-to-use device. Just think what an amateur hacker could do to your networks with a little know-how.
Interested in improving your online security even further? Consider getting a VPN! Subscribe and download Hotspot VPN today at low costs for unlimited browsing and ultra-fast streaming.