Imagine you are running a multi-billion dollar scientific research lab and someone intrudes and steals data. This is something that happened with NASA’s Jet Propulsion Laboratory (JPL) after a cyber attack was detected after being undetected for at least 10 months going back to April 2018.
The attackers associated with the recent cyber attack managed to steal 23 files amounting at 500 megabytes of data which includes highly classified files. JPL is a federally funded research lab for NASA and it is managed by the California Institute of Technology or CalTech since 1959. JPL has accomplished a number of tasks such as it look after the Voyager probes, Mars rovers, including the Mars Curiosity rover and International Space Station experiments to name a few.
When investigated, JPL found out that the attack was carried out last April using a Raspberry Pi which is a credit card-sized computer which carries a price tag of just $35. The small computer is basically used to teach coding to children although it does have various applications such as the one an attacker used to hack into NASA’s systems.
The attack was undetected for 10 months which allowed hackers to copy 23 files amounting at 500MB of storage and carried files ranging from Mars Science Laboratory Mission and International Traffic in Arms Regulations, etc. It was just recently when auditors found out users accessing parts of the systems that they were approved of which hinted about the hacking and how it carried on undetected for so long. System administrators weren’t able to track down the devices that connected to the network which is also a reason why the attack was stealthy and didn’t intercept on the radar.
This attack was just one of the many attacks that have been carried out towards stealing NASA data by targeting its weaknesses. One such incident as stated by Fox Business states how an attacker posted a malware into the JPL server while two incidents recording as early as 2009 carried Chinese IP addresses that have collectively stolen 100 gigabytes of data. In fact, there have been at least five notable attacks since 2009 including the two Chinese ones.
They also found out how two or three networks at JPL was intruded. Officials fear how these cyber attacks can potentially escape towards the mission systems thereby sending human space flight missions in jeopardy in the near future.
Since 1959, CalTech has been managing JPL and just in October last year, NASA extended the contract by five years. However, as of March this year, NASA didn’t approve JPL’s plans to implement new IT security that would have prevented such a cyber attack at the first place.