The US Office of the Inspector General (OIG) issued a report detailing cybersecurity incidents at NASA’s Jet Propulsion Laboratory (JPL), which includes insight into how a Raspberry Pi was used to hack into NASA’s system.
“Over the past 10 years, JPL has experienced several notable cybersecurity incidents that have compromised major segments of its IT network,” the OIG stated.
In 2011, hackers gained full access to JPL’s servers and stole approximately 87GB of data, while a more recent hack in April 2018 saw attackers stealing around 500MB of data from one of NASA’s major mission systems.
The latter of these cyber attacks was facilitated through the exploitation of an unauthorised Raspberry Pi computer attached to the JPL network.
A Rapsberry Pi is a credit card-sized microcomputer which offers similar functionality to a standard desktop computer, and subsequently it must be protected from any exploitation using the same level of security reserved for other computers connected to a secure network.
“The device should not have been permitted on the JPL network without the JPL OCIO’s review and approval,” the OIG said.