A Rogue Raspberry Pi Let Hackers Into NASA’s JPL Network

A Rogue Raspberry Pi Let Hackers Into NASA’s JPL Network

NASA’s Jet Propulsion Laboratory (JPL) works with some of the most advanced technology in the world, including Mars rovers and space telescopes. However, it was a relatively simple piece of consumer technology that allowed hackers to break into its network and steal data. According to a report from the US Office of the Inspector General (OIG), someone connected an unauthorized Raspberry Pi to a JPL network, giving hackers a way into the systems.

While inside JPL’s network, the hackers reportedly stole about 500MB of data related to human spaceflight. If they were just some jokers on the internet, that data isn’t terribly useful. If, however, they represented an adversarial nation, the data could be extremely valuable. This would be bad enough, but the OIG review dived deeper and revealed more issues with the way JPL runs its networks.

After ransacking the JPL computers, the attackers found a route deeper into JPL’s network. They were able to access sensitive systems like the Deep Space Network, an array of radio antennas that NASA uses to communicate with distant spacecraft. The security breach was so severe that officials at Johnson Space Center decided to disconnect from the JPL network to protect projects like the Orion Multi-Purpose Crew Vehicle and International Space Station. Johnson remained disconnected from JPL until November 2018, but some connections are still restricted.

JPL is good at visiting other planets, not so much at network security.
JPL is good at visiting other planets, not so much at network security.

The OIG lambasts JPL for the shared nature of its network. A properly segmented network would have kept the attackers from branching out into other systems and threatening flight operations. The system JPL uses to track network hardware is apparently woefully incomplete and poorly maintained. Network administrators even admitted they don’t regularly check the list of new devices.

NASA and JPL have pledged to address the issues cited in the report, and the OIG will circle back to make sure that happens. We can’t take chances with major endeavors like the Artemis Program coming up.

Continue reading

Astronomers Spot Earth-Sized Rogue Planet Wandering the Galaxy
Astronomers Spot Earth-Sized Rogue Planet Wandering the Galaxy

Astronomers have identified more than 4,000 exoplanets orbiting other stars but just a few "rogue planets" wandering the galaxy without a star to call home. A new study claims to have spotted one of these worlds, and it may be a small, rocky world like Earth.

Google Told Stadia Developers They Were Making ‘Great Progress,’ Then Fired Them
Google Told Stadia Developers They Were Making ‘Great Progress,’ Then Fired Them

Google told its Stadia developers they were making "great progress." Then it fired them, less than a week later.

Pentagon May Dump $10 Billion JEDI Program Over Microsoft, Amazon Fight
Pentagon May Dump $10 Billion JEDI Program Over Microsoft, Amazon Fight

The government is so tired of fighting with Amazon over the $10 billion JEDI cloud contract that went to Microsoft, it'd rather just quit than move forward with litigation.

iFixit: Samsung ‘Ruined’ Its Smartphone Upcycling Program
iFixit: Samsung ‘Ruined’ Its Smartphone Upcycling Program

Samsung just dipped its toe in the waters of upcycling, but iFixit says Samsung lost its nerve, and that the original version of Galaxy Upcycling was going to be much more ambitious and useful.