That was when a group described as an APT (Advanced, Persistent Threat) breached the Jet Propulsion Laboratory’s network via a ‘Raspberry-Pi’ device that was improperly connected to the network.
The hackers made off with more than 500MB worth of data in 23 files. Two of the files contained sensitive information relating to international Traffic in Arms Regulations relating to the Mars Science Laboratory mission.
According to investigators, the reason the hackers were able to burrow so deeply into the agency’s networks from a third-party device was that the agency did not have their network properly segmented. Once the hackers gained access, they could go pretty much anywhere they wanted.
“We also found that security problem log tickets, created in the TISB when a potential or actual IT system security vulnerability is identified, were not resolved for extended periods of time – sometimes longer than 18 days.” The investigators from the OIG said.
Late last year, the US Department of Justice charged a pair of Chinese nationals for hacking cloud providers, the US Navy, and NASA. The DOJ’s filings identified the pair as part of one of the Chinese government’s elite hacking corps known as APT10.
Given that, it is entirely possible that APT10 was behind the Raspberry Pi incident. They certainly have the skills, means and motive. Especially given Chinese interest in US technology in general and their recent big push for space exploration.
Clearly, NASA has some work to do to shore up their security, and the hope is that now that these events have come to light, the agency will take decisive steps to do just that. Good luck, NASA.