A hacker infiltrated the computer network of a NASA center forcing the US space agency to temporarily disconnect space flight control systems from the affected center.
The attack began in April 2018 and continued for almost a year in the networks of the legendary Jet Propulsion Laboratory (JPL) in Pasadena, California, revealed the inspector general of NASA in a report published on 18 June 2019.
The hacker used a $35 mini-computer called Raspberry Pi, which is a credit card-size computer and plugs into the television. It is often used by amateurs and people in developing countries or elsewhere to build home systems and to learn how to code. The Raspberry Pi in question had connected without authorization to the JPL system. About 500 megabytes of data were stolen, according to the report.
The flight includes two confidential files including one containing scientific data obtained by the Curiosity rover which is on Mars. Another concerned data covered by the Export Control Act for technologies that could be used militarily.
“More importantly, the attacker managed to break into two of the JPL’s three main networks,” the report reveals. This flaw has caused NASA to fear that the hacker would be able to move from central California to other centers elsewhere in the country, including the Houston Space Center in Houston, where the control room for the International Space Station and flights are located.
Houston however has disconnected from the JPL portal to avoid any contamination. In March, the center had still not fully reconnected.