Raspberry Pi Used to Invade NASA Network – New Threat in IoT Era

Targeted attacks are veiled, silent, and sometimes completely invisible, which makes them difficult to prepare for or defend against. The threat of "invisible attacks" will increase as smart and connected devices become more prevalent in the market. This column discusses the threat of targeted attacks in the IoT era and the countermeasures against them, drawing on the attack on NASA that was made public last month.

NASA hacked: Security risks in the IoT era

According to a report issued by the NASA Inspector General on June 18, 2019, a hacker infiltrated the Jet Propulsion Laboratory (JPL) network in April 2018, stealing confidential data related to the Mars project. NASA characterized the incident as a targeted attack and announced that it was under investigation.

The cyberattack on NASA is considered a textbook targeted attack case that takes advantage of risks unique to the IoT era. The features of this case include the following:

  • A Raspberry Pi was the point of entry. The well-known small computer, the Raspberry Pi, was used to break into JPL's internal network. The device was connected to the network without permission and did not go through a proper review process by the network administrator.
  • Ease of internal activity. After successfully intruding into the internal network, the attackers expanded the scope of their activity by taking advantage of vulnerabilities in network devices across the JPL network. In addition, JPL had not segmented its network to restrict access to confidential data.
  • Stealth and persistence. The first intrusion happened in April 2018, giving the attacker around 10 months of access to the network. As a result, 23 files, amounting to 500 megabytes of information, were extracted.

More points, more operations

A Raspberry Pi was used as an entry point in this case, but any device connected to the internet can be used as a possible entry point. The total number of IoT devices in the world is expected to exceed 40 billion by 2020 — providing attackers with more possible entry points and organizations with more potential devices to secure. That is one of the IoT era's biggest security risks.

In addition, companies must continue to protect their devices. In other words, it is necessary to properly operate and maintain a system consisting of an increasing number of devices. NASA's report also pointed out that operations managers ran systems with vulnerabilities for about half a year, which facilitated the intrusion.

Partial damage percolates through the whole system

The problem doesn't end with one device, as the damage can spread from the device to the entire system. Unlike consumer devices, IoT devices deployed in enterprises are connected to various IT systems via networks managed by organizations, and these systems store valuable information such as customer information and sales data. The figure below shows the entire enterprise system divided into four functional layers:


Figure 1. The four layers of the IoT architecture

  • Device layer: Monitors and generates data
  • Network layer: Connects each layer
  • Control Center layer: Controls IoT devices
  • Data Analyzer layer: Utilizes, stores, and analyzes data

These four layers work together in the IoT system, and the efforts to protect the entire IoT system are collectively called IoT security. This architecture also shows that IoT security is not just a problem for the corporate IT division but also for the line of business (LOB).

The number of IoT devices is increasing explosively, and some devices might be invisible to the administrator. The device layer is just the starting point, and the damage could spread to the upper layers. The NASA example shows the risks involved in increasing the number of entry points, the need for system visualization, and the importance of measures that can protect the entire system.
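One way to surface a device that joined the network without review, as in the JPL case, and to give administrators the visibility described above. This is an added example, not taken from the NASA report or from Trend Micro; the inventory format, lease log layout, segment names and all addresses are constructed assumptions.

```python
import csv
import io

# Constructed sample data: approved asset inventory and observed DHCP leases.
APPROVED_CSV = """mac,owner,approved_segment
00:11:22:33:44:66,hvac-gateway,device
00:11:22:aa:bb:01,ops-workstation,control
"""
OBSERVED_LEASES = """\
2019-06-01T08:00:09Z 10.10.1.37 B8-27-EB-12-34-56 device
2019-06-01T08:01:40Z 10.20.0.5 00:11:22:33:44:66 control
2019-06-01T08:02:13Z 10.20.0.9 0011.22aa.bb01 control
"""
# OUI prefixes registered to Raspberry Pi; a triage hint only, not proof.
PI_OUIS = {"b827eb", "dca632"}

def normalize_mac(raw):
    """Reduce colon, dash and dotted MAC notations to 12 lowercase hex digits."""
    digits = "".join(c for c in raw.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {raw!r}")
    return digits

def load_inventory(text):
    """Index the approved-asset CSV by normalized MAC."""
    return {normalize_mac(r["mac"]): r for r in csv.DictReader(io.StringIO(text))}

def audit(inventory_text, lease_text):
    """Return (ip, mac, reason) for every lease the inventory does not explain."""
    inventory = load_inventory(inventory_text)
    findings = []
    for line in lease_text.splitlines():
        if not line.strip():
            continue
        _ts, ip, raw_mac, segment = line.split()
        mac = normalize_mac(raw_mac)
        asset = inventory.get(mac)
        if asset is None:  # never reviewed by the network administrator
            hint = " (Raspberry Pi OUI)" if mac[:6] in PI_OUIS else ""
            findings.append((ip, mac, "unapproved device" + hint))
        elif asset["approved_segment"] != segment:  # known asset, wrong layer
            findings.append((ip, mac, f"{asset['owner']} approved for "
                             f"{asset['approved_segment']}, seen on {segment}"))
    return findings

if __name__ == "__main__":
    for finding in audit(APPROVED_CSV, OBSERVED_LEASES):
        print(*finding, sep="  ")
```

A MAC address can be changed on the device, so this reconciliation is a visibility check rather than an access control.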

Systems Thinking

The idea of IoT security is similar to systems thinking. Systems thinking is an approach to analysis advocated by Peter Senge, a professor at the Massachusetts Institute of Technology's Sloan School of Management, in his book "The Fifth Discipline." The approach focuses on the relationships and interactions between the elements involved in an event in order to solve more fundamental problems.

As mentioned earlier, IoT Security is security for the entire IoT system. When it comes to IoT security, we typically focus on securing IoT devices, but it is much more effective to optimize the entire system. Trend Micro's IoT Security Solutions page provides an overview, as well as solutions, for each layer.

In the IoT era where the potential entry points continually increase, the Zero Trust approach would be the best choice for administrators. Each IoT system is never going to be the same, but all enterprise IoT systems have a multi-tier architecture. The defense-in-depth approach is also effective as a countermeasure against targeted attacks.
