On Tue, 25 Jun 2019 09:31:15 -0500, Elardus Engelbrecht wrote:
>With all these recent loong discussions about 'security', 'hacking',
>'pen-tests', 'clueless managament', etc. this is interesting:
>
>Ok, that is old news to you especially these security gurus, hackers stole
>from NASA some 500 MB data using a Rasberry PI since April 2018.
>
Well, that would be $35 + keyboard + mouse + display + power supply.
But the π itself is easy enough to smuggle in a shirt pocket.
>Scary part - it was undetected for nearly a year...
>
>More scary part - system administrator failed to update the database that
>determines which devices have access to the network. As a result, new devices
>could be added without proper vetting.
>
>URLs:
>
>https://www.news24.com/World/News/hacker-used-35-computer-to-steal-restricted-nasa-data-20190625
>
>
>https://www.cnet.com/news/raspberry-pi-hack-puts-nasa-in-security-jam/
>
>https://www.zdnet.com/article/nasa-hacked-because-of-unauthorized-raspberry-pi-connected-to-its-network/
>
>Original source of this all the way from Office of Inspector General at NASA:
>https://oig.nasa.gov/docs/IG-19-022.pdf
>
>
>Older hack at NASA - NASA disclosed data breach on 2018/12/19 ...
>
>https://www.zdnet.com/article/nasa-discloses-data-breach/
>
>PS: nothing about this is shown on nasa.gov or jpl.nasa.gov
>
>Ouch...
-- gil
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
