A lot of companies allow RPis or NUCs to be installed into the network by teams to set up interactive scrum boards and (CI) monitoring displays. For this reason they are littered with (personal) access tokens with broad permissions on CI and other important systems. Most of the time these have barely any configuration management or security best practices, as the teams want to manage these themselves (DevOps is what the developers call it, but there is hardly any Ops in there). Often this initiative comes from the actual Ops not being able to provide the services the developers need, for whatever technical or political reason.
I'm interpreting 'The OIG report said the hackers used "a compromised external user system" to access the JPL missions network.' as the Pi being a legitimate user's project.
aequitas|4 years ago
tgsovlerkhgsel|4 years ago