Hackers stealing Mars mission data
According to a 49-page OIG report, hackers hacked into a shared network gateway and then used the portal to penetrate the JPL network before entering the network with Mars mission information managed by NASA JPL.
OIG reports that hackers used an attacked external user system to enter the JPL task network.
NASA OIG said: "The attacker has stolen about 500MB of data from 23 files, two of which contain international weapons control information related to the mission of the Mars Science Laboratory."
The Mars Science Laboratory is a project of JPL that manages the Mars "Curious" detector.
The hacker also attacked NASA's satellite antenna network.
NASA JPL's main mission is to build and manipulate planetary robot spacecraft such as Curiosity or various satellites orbiting the solar system planets.
In addition, JPL manages NASA's Deep Space Network (DSN), a global satellite antenna network that transmits and receives information from spacecraft NASA is performing missions.
Investigators said that in addition to entering the JPL mission network, the intruders in April 2018 also visited JPL's DSN IT network. Because of fears that attackers may also turn to their systems, several other NASA organizations have cut off connections to JPL and DSN networks while invading.
Attack is characterized as a high-level persistent threat
NASA OIG said: "This attack was classified as a high-level persistent threat. It has not been discovered for nearly a year. The investigation of this incident is underway.
In the report, JPL was not blamed for splitting its internal network into smaller parts -- a basic security practice.
NASA OIG has also been accused of failing to update the Information Technology Security Database (ITSDB) in a timely manner. ITSDB is a database of JPL IT staff, where the system administrator should record each device connected to the JPL network. However, OIG found that the database records were incomplete and inaccurate.
In addition, investigators found that JPL's IT staff lagging behind in addressing any security-related issues.