User accountThe hackers managed to obtain access to the internal network of JPL by taking over the user account of the Raspberry Pi. The RPi was connected to the network by an employee, but as the result of lax controls, the IT managers from NASA did not know that the RPi was present. As a consequence the vulnerable device remained connected to the network unmonitored, so that the hackers were able to use it for 10 months to steal information.
Credit cardThe Raspberry is, as Elektor readers will know, a cheap computer in credit card format that is used much for educational purposes and for small-scale computer projects, because of its small dimensions and ease of use.
Once the hackers had obtained access, they could freely move around the network thanks to the weak internal security, although this should have been impossible.
The hackers have not yet been identified, let alone arrested.
The stolen data came from 23 files, no further information has been made available about the contents.
Source: BBC News