A cikin rahoton binciken da aka buga kwanan nan ta NASA, ta sanar da cewa a cikin watan Afrilu 2018 cewa hackers isa ga cibiyar sadarwar hukumar sararin samaniya kuma Sun saci kusan MB 500 na bayanan da suka shafi aikin Mars.
A cewar rahoton binciken, Masu fashin kwamfuta sun kutsa kai cikin dakin gwaje-gwajen Jet Propulsion Laboratory (JPL), cibiyar bincike da ci gaba ta NASA a Pasadena, California. Rahoton ya kuma gano wasu abubuwan da suka faru na keta bayanai da kuma satar bayanai a duk wasu ayyukan hukumar.
NASA, A cikin shekaru 10 da suka gabata, JPL ya sami sanannun abubuwan da ke faruwa a cikin yanar gizo Sun lalata manyan sassan cibiyar sadarwar kwamfutarka.
Tun a cikin 2011, masu fashin kwamfuta sun sami cikakkiyar dama ga sabobin 18 hakan yana tallafawa mahimman ayyukan JPL kuma ana zargin sun sace kusan bayanai 87 GB.
Mafi kwanan nan, a cikin Afrilu 2018, JPL ta gano cewa an lalata asusun mai amfani da waje don amfani da shi wajen satar wasu bayanai na MB 500 daga ɗayan manyan tsarin aikin ta.
OIG ya ruwaito ta cikin rahoton cewa JPL yana fama da yawancin ƙarancin sarrafawa na tsaron kwamfuta wanda ke iyakance ikon ku na hana, ganowa da rage hare-haren da ake kaiwa kan tsarin ku da hanyoyin sadarwar ku.
Wannan rauni a cikin tsarin tsaro na JPL yana fallasa tsarin NASA da bayanai daban-daban ga maharan.
JPL tana amfani da bayanan bayanan Tsaro na Fasahar Sadarwa (ITSDB) don bin diddigin da sarrafa kadarorin jiki da aikace-aikace akan hanyar sadarwa.
Duk da haka, binciken ya gano cewa tarin bayanan bayanan bai cika ba kuma ba daidai bane, Halin da ke damun ikon JPL na sa ido yadda ya kamata, bayar da rahoto, da kuma amsa abubuwan tsaro.
Sysadmins basa sabunta kayan aiki da tsari lokacin daɗa sababbin na'urori zuwa cibiyar sadarwar.
Musamman, 8 daga cikin 11 tsarin ma'aikata alhakin manajan da 13 binciken samfurin tsarin da aka samu a kula da mai raba kaya tebur na tsarin su, wanda daga gare su suke sabunta bayanan lokaci-lokaci da hannu a cikin rumbun adana bayanan na ITSDB.
Hakanan, sysadmin ya bayyana cewa baya shiga sabbin na'urori akai-akai a cikin bayanan ITSDB saboda aikin sabunta bayanan wani lokacin baya aiki.
Sannan kun manta da shigar da bayanan kayan aiki.
A sakamakon haka, ana iya ƙara albarkatu zuwa cibiyar sadarwar ba tare da jami'an tsaro sun tantance su kuma sun tabbatar da su ba.
Alal misali, don watan Afrilu 2018 cyberattack, wanda ya baiwa maharan damar satar bayanai kimanin MB 500 akan wasu ayyukan NASA a duniyar Mars amfani da wannan raunin musamman lokacin da dan gwanin kwamfuta ya sami damar sadarwar JPL tare da Rasberi Pi ba a ba shi izinin haɗi zuwa cibiyar sadarwar JPL ba.
Masu fashin kwamfuta sunyi amfani da wannan hanyar shigarwa don kutsawa cikin cibiyar sadarwar JPL yayin yin kutse cikin hanyar sadarwar da aka raba.
Wannan aikin ya ba maharan damar samun damar shiga sabar wanda ke adana bayanai game da manufa zuwa duniyar Mars wanda dakin binciken JPL na NASA yayi, daga inda suka fitar da bayanai kimanin MB 500.
Abubuwan da ke faruwa a watan Afrilu na 2018 sun yi amfani da rashin rarrabuwa na hanyar JPL don matsawa tsakanin tsarin daban-daban da aka haɗa da ƙofar, gami da ayyukan ayyukan JPL da DSN.
Saboda, a cikin Mayu 2018, manajan tsaro na IT a Johnson Space Center waɗanda ke gudanar da shirye-shirye kamar Motar Motar Duk-Wheel da Tashar Sararin Samaniya ta Duniya sun yanke shawarar cire wucin gadi daga gadar ne saboda dalilai na tsaro.
Jami'ai sun ji tsoron hare-haren wuce gona da iri na iya haye gada ta hanyar tsarin ayyukansu, mai yuwuwar samun dama.
Wannan ya ce, NASA ba ta ambaci wasu sunaye kai tsaye da suka shafi harin na Afrilu 2018. Amma, wasu suna ganin cewa wannan na iya kasancewa da nasaba da ayyukan kungiyar satar bayanan China da aka fi sani da suna Advanced Persistent Threat 10, ko APT10.