Forwarded from BlackBox (Security) Archiv
NASA hacked because of unauthorized Raspberry Pi connected to its network
NASA described the hackers as an "advanced persistent threat," a term generally used for nation-state hacking groups.
A report published this week by the NASA Office of Inspector General reveals that in April 2018 hackers breached the
agency's network and stole approximately 500 MB of data related to Mars missions.
The point of entry was a Raspberry Pi device that was connected to the IT network of the NASA Jet Propulsion Laboratory (JPL) without authorization or going through the proper security review.
Hackers stole Mars missions data
According to a 49-page OIG report, the hackers used this point of entry to move deeper inside the JPL network by hacking a shared network gateway.
The hackers used this network gateway to pivot inside JPL's infrastructure, and gained access to the network that was storing information about NASA JPL-managed Mars missions, from where he exfiltrated information.
The OIG report said the hackers used "a compromised external user system" to access the JPL missions network.
"The attacker exfiltrated approximately 500 megabytes of data from 23 files, 2 of which contained International Traffic in Arms Regulations information related to the Mars Science Laboratory mission," the NASA OIG said.
The Mars Science Laboratory is the JPL program that manages the Curiosity rover on Mars, among other projects.
Hackers also breached NASA's satellite dish network
NASA's JPL division primary role is to build and operate planetary robotic spacecraft such as the Curiosity rover, or the various satellites that orbit planets in the solar system.
In addition, the JPL also manages NASA's Deep Space Network (DSN), a worldwide network of satellite dishes that are used to send and receive information from NASA spacecrafts in active missions.
Investigators said that besides accessing the JPL's mission network, the April 2018 intruder also accessed the JPL's DSN IT network. Upon the dicovery of the intrusion, several other NASA facilities disconnected from the JPL and DSN networks, fearing the attacker might pivot to their systems as well.
PDF:
https://oig.nasa.gov/docs/IG-19-022.pdf
https://www.zdnet.com/article/nasa-hacked-because-of-unauthorized-raspberry-pi-connected-to-its-network/
#pdf #nasa #hack #raspberry
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
NASA described the hackers as an "advanced persistent threat," a term generally used for nation-state hacking groups.
A report published this week by the NASA Office of Inspector General reveals that in April 2018 hackers breached the
agency's network and stole approximately 500 MB of data related to Mars missions.
The point of entry was a Raspberry Pi device that was connected to the IT network of the NASA Jet Propulsion Laboratory (JPL) without authorization or going through the proper security review.
Hackers stole Mars missions data
According to a 49-page OIG report, the hackers used this point of entry to move deeper inside the JPL network by hacking a shared network gateway.
The hackers used this network gateway to pivot inside JPL's infrastructure, and gained access to the network that was storing information about NASA JPL-managed Mars missions, from where he exfiltrated information.
The OIG report said the hackers used "a compromised external user system" to access the JPL missions network.
"The attacker exfiltrated approximately 500 megabytes of data from 23 files, 2 of which contained International Traffic in Arms Regulations information related to the Mars Science Laboratory mission," the NASA OIG said.
The Mars Science Laboratory is the JPL program that manages the Curiosity rover on Mars, among other projects.
Hackers also breached NASA's satellite dish network
NASA's JPL division primary role is to build and operate planetary robotic spacecraft such as the Curiosity rover, or the various satellites that orbit planets in the solar system.
In addition, the JPL also manages NASA's Deep Space Network (DSN), a worldwide network of satellite dishes that are used to send and receive information from NASA spacecrafts in active missions.
Investigators said that besides accessing the JPL's mission network, the April 2018 intruder also accessed the JPL's DSN IT network. Upon the dicovery of the intrusion, several other NASA facilities disconnected from the JPL and DSN networks, fearing the attacker might pivot to their systems as well.
PDF:
https://oig.nasa.gov/docs/IG-19-022.pdf
https://www.zdnet.com/article/nasa-hacked-because-of-unauthorized-raspberry-pi-connected-to-its-network/
#pdf #nasa #hack #raspberry
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
Bye Raspbian! Long Live Raspberry Pi OS!
https://www.cnx-software.com/2020/06/01/bye-rasbian-long-live-raspberry-pi-os
π‘ @cnxsoftware
#raspbian #rpi #raspberry
https://www.cnx-software.com/2020/06/01/bye-rasbian-long-live-raspberry-pi-os
π‘ @cnxsoftware
#raspbian #rpi #raspberry
CNX Software - Embedded Systems News
Bye Raspbian! Long Live Raspberry Pi OS!
Raspbian is dead! Well, not really, as it lives on as "Raspberry Pi OS" with 32-bit and 64-bit versions, and the latest release brings a few new features.
Android Automotive OS 11 running on a Raspberry Pi
https://medium.com/snapp-automotive/android-automotive-os-11-on-a-raspberry-pi-2abaa133f468
#android #rpi #Raspberry #pi #cars #automotiveos
https://medium.com/snapp-automotive/android-automotive-os-11-on-a-raspberry-pi-2abaa133f468
#android #rpi #Raspberry #pi #cars #automotiveos
Medium
Android Automotive OS 11 on a Raspberry Pi
Snapp Automotive have completed the work needed to bring-up Android Automotive OS 11 on a Raspberry Pi.
How to make a Raspberry Pi Home Air Quality Monitor
https://www.tomshardware.com/how-to/raspberry-pi-air-quality-monitor
#Raspberry #Pi #Air #Quality
https://www.tomshardware.com/how-to/raspberry-pi-air-quality-monitor
#Raspberry #Pi #Air #Quality
Tom's Hardware
How to make a Raspberry Pi Home Air Quality Monitor
See whatβs in the air in your house.