June 20, 2019 – In Breaking News – Forbes
The U.S. National Aeronautics and Space Administration (NASA) this week confirmed that its Jet Propulsion Laboratory (JPL) has been hacked.
An audit document from the U.S. Office of the Inspector General was published by NASA this week.
It reveals that an unauthorized Raspberry Pi computer connected to the JPL servers was targeted by hackers, who then moved laterally further into the NASA network.
(NASA’s Jet Propulsion Laboratory (JPL) suffers from multiple cybersecurity weaknesses despite the advances it has achieved in space technology, according to the agency’s Office of Inspector General (PDF). Investigators looked into the research center’s network security controls after an April 2018 security breach, wherein a Raspberry Pi that was not authorized to be linked to the JPL network was targeted by hackers. The attackers were able to steal 500 megabytes of data from one of its major mission systems, and they also used that chance to find a gateway that allowed them to go deeper into JPL’s network. Courtesy of Engadget and YouTube. Posted on Jun 20, 2019.)
How much further? Well, the hackers apparently got as far as the Deep Space Network (DSN) array of radio telescopes and numerous other JPL systems.
The extent of the breach, which happened in April 2018, was such that the Johnson Space Center, with responsibility for programs including the International Space Station, decided to disconnect from the gateway altogether.
The audit report states that, “Johnson officials were concerned the cyber attackers could move laterally from the gateway into their mission systems, potentially gaining access and initiating malicious signals to human space flight missions that use those systems.”
If that sounds like pretty serious stuff, it’s because it is.
What’s more, the report says that while the use of limited spacecraft data was restored in March this year, as of that date, “Johnson had not restored its use of all communications data because of continuing concerns about its reliability.”
Without going into all the technical detail of every mistake identified by this audit, suffice it to say it paints a very poor picture of JPL network security.
Everything from poor IT asset visibility and shortcomings in resolving security violation tickets through to delays in patching known vulnerabilities was detailed by the auditors.
All in all it reads like a security basics 101 list that has been ignored.
System administrators lacked security certifications, no role-based security training was in place and JPL, unlike the main NASA security operations center (SOC), didn’t even have a round-the-clock incident reporting capability.
(Cybersecurity at NASA extends from maintaining email systems at the agency’s Washington headquarters to guarding U.S. networks in Russia, where Americans serve on crews working with the International Space Station. Bloomberg’s Nafeesa Syeed has more on NASA’s cybersecurity challenges. Courtesy of Bloomberg Technology and YouTube. Posted on Apr 12, 2017.)