Thank you for Subscribing to Apac CIO Outlook Weekly Brief
Major Security Lapse at Nasa: Inquiry Confirms High-end Hack Last Year
A federal probe into the April 2018 high-end security breach on NASA’s Jet Propulsion Laboratory has revealed shocking details which will certainly trigger enormous changes in the existing security measures at NASA.
Fremont, CA: NASA, the National Aeronautics and Space Administration in the U.S. has confirmed that its Jet Propulsion Laboratory was the victim of a high-end hack in April last year. The hack led to about 500 MB of data being stolen from critical mission networks.
JPL primarily focuses on developing and operating robotic planetary spacecrafts. Curiosity rover is a familiar example.
It appears that the hackers could permeate the space agency’s networks through a non-authorized Raspberry Pi that was connected to the JPL servers. What adds to the complexity of the scenario is the extent to which the hackers could proceed; the inquiry confirmed the hackers even tried to access the DSN (Deep Space Networks) range of giant international radio telescopes besides many other JPL systems. DSNs are the world’s biggest and extremely sensitive scientific telecommunication networks.
Amidst reports of cyber intrusions coming from across the globe, this incident from a place of complete security is really an eye-opener and points out to how advanced and well-prepared the current cyber criminals are.
It is now evident through the inquiry report that JPL lacked an extensive or a precise inventory of the network system components. What could be confirmed is that JPL ignored even the basic requirement of having a security control system in place for continuously monitoring and detecting cyber threats. As a result, the presence of an unauthorised Raspberry Pi went unnoticed. The report also highlights the IT department at JPL was rather slow in fixing several security-related concerns.
Among the 23 files that were stolen, there were critical files that contained top secret information with respect to the worldwide Traffic in Arms Regulation along with the Mars Science Laboratory mission project.
Amidst all these revelations on major security lapses from a space agency, whose most critical aspect should be security, eliminating any future cyber attacks is vital to retain its status as a world leader in aeronautics and space research.