On Tue, 25 Jun 2019 09:31:15 -0500, Elardus Engelbrecht wrote: >With all these recent loooooong discussions about 'security', 'hacking', >'pen-tests', 'clueless managament', etc. this is interesting: > >Ok, that is old news to you especially these security gurus, hackers stole >from NASA some 500 MB data using a Rasberry PI since April 2018. > Well, that would be $35 + keyboard + mouse + display + power supply.
But the π itself is easy enough to smuggle in a shirt pocket. >Scary part - it was undetected for nearly a year... > >More scary part - system administrator failed to update the database that >determines which devices have access to the network. As a result, new devices >could be added without proper vetting. > >URLs: > >https://www.news24.com/World/News/hacker-used-35-computer-to-steal-restricted-nasa-data-20190625 > > >https://www.cnet.com/news/raspberry-pi-hack-puts-nasa-in-security-jam/ > >https://www.zdnet.com/article/nasa-hacked-because-of-unauthorized-raspberry-pi-connected-to-its-network/ > >Original source of this all the way from Office of Inspector General at NASA: >https://oig.nasa.gov/docs/IG-19-022.pdf > > >Older hack at NASA - NASA disclosed data breach on 2018/12/19 ... > >https://www.zdnet.com/article/nasa-discloses-data-breach/ > >PS: nothing about this is shown on nasa.gov or jpl.nasa.gov > >Ouch... -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN