RPI used to hack NASA

Was this posted already? Quick search didn’t show anything.

That is some serious stuff.
Security is expensive, and when you want to do expensive science, there is only so much budget to spend.

Quote from the article:

Scientists tend to default to collaboration after all.

Which, in a sense, is good. It gave us the WWW and everyone can access it (mostly).

Read a little further into the article and it appears that the Pi was on the network because an employee put it on the network but didn’t secure it properly. Probably kept the default creds on it and from there the attacker pivoted. Really surprised that the IT team at JPL isn’t more savvy when it comes to things like network segmentation/segregation. Just another IoT fail for the history books.

Do you have anything to add to this conversation?

Who me?

My original intent was to let level1tech team know about this, but ok…

I think this whole situation is just insane. Hackers had access to the long range communication antennas. Who knows what kind of damage they did to the satellites that are far, far away from Earth.

They could easily (well, not easily) send a patch to those remote devices in space to sabotage them or to make them return erroneous readings that would later confuse scientists into thinking there is life on other planets. This could basically be Stuxnet but in space.

Hopefully all they did was steal information and not alter any of the scientific data. It would still be damaging to NASA but not as much if data was corrupted.


For me, it looks like sabotage. The purposeful action of the employee who placed the SBC there. He was paid or recruited by someone. And in this action helped the total mess that is there. It is difficult to see fish in muddy water. The rest is not the first case where a Pi appears in the server room as a Trojan horse. I do not believe that this is an accident or simple negligence. It is just from A to Z planned espionage or saboteur activities.

And who knows if still interested people do not have access. This reminds me of a situation in the Middle East with Triton / Trisis where the vector was the Triconex program from Schneider Electric. There, apparently, the intruders sat in the middle of the network for a few years undetected.