Raspberry Pi is a teeny-tiny device that can be tinkered with to gain deceptively high capabilities. This has been proved by a recent report which confirmed that a NASA lab was hacked using a Raspberry Pi.
The breach occurred in April 2018 where NASA’s Jet Propulsion Laboratory (JPL) was hacked and 500MB of data from major mission systems was stolen.
A federal report of the incident confirmed that a Raspberry Pi was used to gain access to the system. It also highlighted the major security lapses that were present in NASA’s network for about a decade and made the breach possible.
The US Office of the Inspector General (OIG) review states that a Raspberry Pi was connected to the JPL network without authorization.
Upon discovering this weak point, hackers exploited the Pi to gain access to the network and compromised JPL systems as well as the Deep Space Network (DSN) — the world’s largest and most sensitive scientific telecommunications system.
The report also revealed how poor overall system security is at the world’s most prominent space agency. Apparently, the system administrators did not consistently update the inventory system while adding new devices to the network.
The report mentioned that one system administrator confessed: “He does not regularly enter new devices into the ITSDB as required because the database’s updating function sometimes does not work and he later forgets to enter the asset information.”
Moreover, the fact that the network is a shared one rather than segmented, allowed hackers to move freely between the different systems. Such a poor security setup could potentially allow hackers to gain access and initiate “malicious signals to human space flight missions.”
Nevertheless, the shortcomings of NASA’s network security have been identified and dealt with.