Embikweni wokucwaningwa kwamabhuku osanda kushicilelwa ngu INASA, yamemezela ukuthi ngo-Ephreli 2018 lokho kubaduni ifinyelele kwinethiwekhi ye-ejensi yesikhala futhi Bantshontsha imininingwane engaba ngu-500 MB ehlobene nomsebenzi weMars.
Ngokombiko wocwaningo, Abagengebi bangena ngaphakathi eJet Propulsion Laboratory (JPL), okuyisikhungo socwaningo nentuthuko esixhaswe yi-NASA ePasadena, eCalifornia. Lo mbiko uphinde ukhombe ezinye izehlakalo zokwephulwa kwemininingwane nokwebiwa kwemininingwane kuyo yonke imikhankaso eyahlukene yale nhlangano.
INASA, Eminyakeni eyi-10 eyedlule, i-JPL ibhekane nezehlakalo eziningana eziphawulekayo zokuphepha kwe-cyber Ziyekethise izingxenye ezibalulekile zenethiwekhi yekhompyutha yakho.
Kusukela ngo-2011, abaduni bathola ukufinyelela okugcwele kumaseva ayi-18 esekela ukuthunyelwa kwe-JPL okuyisisekelo futhi okusolwa ukuthi yeba cishe idatha engama-87 GB.
Muva nje, ngo-Ephreli 2018, i-JPL ithole ukuthi i-akhawunti yomsebenzisi engaphandle isengozini futhi isetshenziselwe ukweba idatha engama-500 MB kolunye lwezinhlelo zayo eziyinhloko.
I-OIG ibike ngalo mbiko ukuthi i-JPL ikhungethwe yizinkinga eziningi zokulawula Ukuphepha kwamakhompiyutha okunqinda amandla akho okuvikela, ukuthola nokunciphisa ukuhlaselwa okuqondiswe kumasistimu akho nakunethiwekhi
Lokhu kubuthakathaka ohlelweni lwezokuphepha lwe-JPL kuveza izinhlelo ezahlukahlukene ze-NASA nedatha ekuhlaselweni okuhlukahlukene ngabaduni.
I-JPL isebenzisa i-database yayo ye-Information Technology Security (ITSDB) ukulandelela nokuphatha izimpahla ezibonakalayo kanye nezinhlelo zokusebenza kunethiwekhi yayo.
Nokho, ukucwaningwa kwamabhuku kutholile ukuthi uhlu lwama-database aluphelele futhi alunembile, isimo esibeka engcupheni ikhono le-JPL lokuqapha ngempumelelo, ukubika, nokuphendula ezehlakalweni zokuphepha.
AmaSysadmin awavuseleli ngokuhlelekile uhlu lapho ungeza amadivayisi amasha kunethiwekhi.
Ngokuqondile, Abaphathi besistimu abayi-8 kwabangu-11 ababhekele ukuphatha amasampula amasampula ocwaningo ayi-13 atholakala egcina itafula lezimpahla ezihlukile wezinhlelo zabo, lapho babuyekeza khona imininingwane ngezikhathi ezithile nangezandla ku-database ye-ITSDB.
Futhi, i-sysadmin yathi ibingangeni njalo amadivayisi amasha ku-database ye-ITSDB ngoba umsebenzi wokuvuselela i-database kwesinye isikhathi wawungasebenzi.
Ngemuva kwalokho ukhohliwe ukufaka imininingwane yezinsizakusebenza.
Ngenxa yalokhu, izinsizakusebenza zingangezwa kunethiwekhi ngaphandle kokukhonjwa kahle nokuqinisekiswa yizikhulu zokuphepha.
Isibonelo, we-cyberattack ka-Ephreli 2018, evumela abahlaseli ukuthi bantshontshe imininingwane engaba ngu-500 MB emishini ehlukahlukene yeNASA kwiplanethi iMars baxhaphaze lobu buthakathaka obuthile lapho isigebengu sifinyelela inethiwekhi ye-JPL nge-Raspberry Pi ayigunyaziwe ukuxhuma kunethiwekhi ye-JPL.
Abaduni basebenzise le ndawo yokungena ukuze bangene inethiwekhi ye-JPL ngenkathi begqekeza isango lenethiwekhi elabiwe.
Lesi senzo sivumele abahlaseli ukuthi bakwazi ukufinyelela kumaseva egcina imininingwane mayelana nokuthunyelwa ku-Mars okwenziwa ilabhorethri yeNASA ye-JPL, lapho baveze khona imininingwane engaba ngu-500 MB
Isigameko sango-Ephreli 2018 sokuhlaselwa kwe-cyber sisebenzise ukungabikho kwehlukaniso kwenethiwekhi ye-JPL ukuhamba phakathi kwezinhlelo ezahlukahlukene ezixhunywe esangweni, kufaka phakathi imisebenzi ehlukahlukene ye-JPL mission ne-DSN.
Ngenxa yalokho, ngoMeyi 2018, abaphathi bezokuphepha be-IT eJohnson Space Center abaqhuba izinhlelo ezifana ne-Orion All-Wheel Crew Vehicle kanye ne-International Space Station Banqume ukunqamula isikhashana ebhulohweni ngenxa yezizathu zokuphepha.
Izikhulu zisaba ukuthi ukuhlaselwa nge-cyber kuzonqamula leli bhuloho kungene ezinhlelweni zazo, okungenzeka ukuthi zikwazi ukufinyelela.
Lokho kusho ukuthi, iNASA ayizange isho noma yimaphi amagama ahlobene ngqo nokuhlaselwa kuka-Ephreli 2018. Kodwa-ke, abanye bacabanga ukuthi lokhu kungahle kuhlobene nezenzo zeqembu lokugenca laseChina elaziwa njengegama i-Advanced Persistent Threat 10, noma i-APT10.