As a result of a leak in April 2018, nearly 500MB of information was stolen about Mars missions. Upon this leak, some parts of NASA disconnected from the network where the attack took place.
In April 2018, hackers infiltrated the agency’s network and stole nearly 500 MB of data on Mars missions, according to a report released by NASA’s General Audit Office this week.
Hackers used a Raspberry Pi device to infiltrate NASA’s network. The device is said to have accessed the system from NASA’s Jet Laboratory (JPL) without any authorization and without the necessary security checks.
According to the 49-page audit office report, hackers exploited the JPL network and infiltrated NASA through a shared gateway. Using this network port, hackers have access to the JPL’s infrastructure, where they have access to information about Mars missions.
The Audit Office Report says that hackers have infiltrated the JPL’s mission network with a technique called kullanıcı compromised external user system ”.
The audit report states that the hackers stole approximately 500 MB of information from 23 folders, two of which contain information about the Bilim Mars Science Lab assignment ”.
The mission of the Mars Science Lab is part of a program that controls Curiosity on Mars and many more.
Pirates Also Infiltrated NASA’s Satellite Dish Network
The main role of NASA’s JPL division is to build robots that can work on other planets like Curiosity and build satellites to orbit planets in our solar system.
In addition, the JPL controls NASA’s program called the Deep Space Network (DSN). With DSN, NASA collects information from active spacecraft and sends data to them.
Researchers say that hackers have access to the DSN network, along with the JPL’s mission network. After this breach occurred, some parts of NASA feared that the attackers would infiltrate in their own sections, disconnecting them from the JPL and DSN networks.
Officials Say Hackers Are “Talented”
According to NASA’s audit office report, the attack was undetected for almost a year. In addition, NASA’s Main Audit Office (OIG) underlines that “research is still underway”.
The report says that the JPL does not divide its network into smaller parts, so attackers can move freely for the network.
The OIG also accuses JPL of not keeping the Information and Technology Security Database (ITSDB) up-to-date. The JPL’s technical team had to register each beekeeper connected to the network to the ITSDB. The OIG underlines that the ITSDB is incomplete and flawed. For example, the Raspberry Pi device used in the attack was not entered in the database.
In addition, researchers found that JPL’s technical team was late in fixing safety-related issues. The report also found that solving problems sometimes took longer than 180 days, he added.
APT10 Did the Attack?
In December 2018, the US Department of Justice (DOJ) 2 Chinese attackers; cloud service providers, the US Navy and NASA. The DOJ reported that the attackers were part of the Chinese government’s elite hacker team APT10.
The attackers were accused of infiltrating NASA’s Goddard Space Base and the Jet Lab. However, we still do not know that these names were persons when the April 2018 attack took place, because the DOJ did not provide any information about the APT10’s infiltration into the JPL.
Also in December 2018, NASA reported another leak to its systems. This leak was independent of the April 2018 attack. The attack was discovered in October 2018, and the stolen information was reported to be only for NASA employees.