Despite significant advances in technology development for space exploration, NASA's Jet Propulsion Laboratory (JPL) has many cybersecurity gaps, according to a report from the Office of the Inspector General (OIG).
OIG staff conducted an audit of the research center's network security measures following a hack in April 2018, in which attackers entered the computer system through a Raspberry Pi computer that was not authorized to connect to the JPL network. The hackers managed to steal 500 MB of information from the database of one of the main missions, and they also took this opportunity to find a gateway that would allow them to penetrate even deeper into the JPL network.
Deeper penetration into the system gave hackers access to several major missions, including NASA's Deep Space Network, an international network of radio telescopes and communications equipment used for both radio astronomy research and spacecraft control.
As a result, the security teams of some programs relevant to national security, such as the Orion multirole crew and the International Space Station, have decided to disconnect from the JPL network.
OIG also noted a number of other deficiencies in NASA's Jet Propulsion Laboratory's cybersecurity efforts, including failure to implement NASA's incident response recommendations.
Source: 3dnews.ru