SoylentNews

takyon writes:

Feds: Cyberattack on NASA's JPL Threatened Mission-Control Data

NASA's Jet Propulsion Laboratory (JPL) may know how to send delicate equipment to Mars, but basic cybersecurity best practices appear to pose an issue for it. A comprehensive federal review has detailed an April 2018 security incident that compromised mission systems – stemming from multiple IT security-control weaknesses exposing NASA systems and data. The review, released Tuesday and carried out by the U.S. Office of the Inspector General, said that the weaknesses "reduce JPL's ability to prevent, detect and mitigate attacks targeting its systems and networks."

Specifically, poor practices when it comes to network segmentation and third parties were source of a cyberattack in April 2018, OIG said. In that incident, hackers targeted a Raspberry Pi computer that was not authorized to be attached to the JPL network, exploited it, and then proceeded to take advantage of the network's lack of segmentation to find a network gateway and pivot deeper into the system.

The attack had deep-space repercussions (literally) that spread to mission control in Houston. The adversaries were able to move between various systems connected to the pwned gateway, including those involved in multiple JPL mission operations and the Deep Space Network (DSN), which is NASA's international array of giant radio antennas that supports interplanetary spacecraft missions. "As a result [of the hack], in May 2018 IT security officials from the Johnson Space Center (Johnson), which handles such programs as the Orion Multi-Purpose Crew Vehicle and International Space Station, elected to temporarily disconnect from the gateway due to security concerns," OIG explained.

Also at Engadget and PC Magazine.

Original Submission