National Aeronautics and Space Administration (NASA) information about the hacking of the internal infrastructure, which remained undetected for about a year. It is noteworthy that the network was isolated from external threats, and the hacking was carried out from the inside using a Raspberry Pi board connected without permission in the Jet Propulsion Laboratory.
This board was used by employees as an entry point to the local network. In the course of hacking an external user system that has access to the gateway, the attackers were able to gain access to the board and through it to the entire internal network of the Jet Propulsion Laboratory, which developed the Curiosity rover and telescopes launched into space.
Traces of outsiders infiltrating the internal network were identified in April 2018. During the attack, unknown persons were able to intercept 23 files, with a total size of about 500 MB, related to missions on Mars. Two files contained information subject to the prohibition on the export of dual-use technologies. In addition, the attackers gained access to a network of satellite dishes. (Deep Space Network), used to receive and send data to spacecraft used in NASA missions.
Of the reasons that contributed to the hacking, it is called
untimely elimination of vulnerabilities in internal systems. In particular, some current vulnerabilities remained unpatched for more than 180 days. The division also improperly maintained the ITSDB (Information Technology Security Database) inventory database, which should have reflected all devices connected to the internal network. The analysis showed that this database was filled inaccurately and did not reflect the real state of the network, including the Raspberry Pi board used by employees. The internal network itself was not broken into smaller segments, which made it easier for the attackers.
Source: opennet.ru