The above is Raspberry Pi, a credit-card sized computer that costs about RM100. It started as a modest project to get a few thousand children coding but has since become the best-selling computer ever made in the UK. It is used by schools, hobbyists and in factories. It has found a role in many computer education initiatives and is also a popular choice for small-scale computing projects because it is tiny and easy to use.
Recently, the US National Aeronautics & Space Administration (NASA) reported that a hacker used a tiny Raspberry Pi computer to infiltrate National Aeronautic and Space Association (NASA) Jet Propulsion Laboratory network, stealing sensitive data and forcing the temporary disconnection of space-flight systems.
Once the attacker had won access, they then moved around the internal network by taking advantage of weak internal security controls that should have made it impossible to jump between different departmental systems.
The attacker has not been identified or caught.
When the breach became known about within NASA, it prompted some parts of the agency, including the Johnson Space Center, to stop using a core gateway that gave employees and contractors access to its other labs and locations.
This was done because it was feared the attacker could exploit their widespread access to get at flight systems controlling currently active spacecraft.
An audit report post the breach concluded that the breach came about as a result of a system administrator failing to update the database that determines which devices have access to the network and as a result, new devices could be added without proper vetting.
Using a RM100 device to hack into NASA's system? Why bother with all those sophisticated software to thwart malicious actors from penetrating your system...hmmm..one wonders
Comments