Upgrades indicate that it is hackable
that NASA’s Curiosity rover is currently getting a firmware upgrade is being seen as proof that the entire project is a doddle to hack.
The rover uses VxWorks which is a popular embedded operating system that is installed in millions of devices around the world. Firmware upgrades were performed on the Spirit and Opportunity Mars rovers had their software updated in 2007. Extreme Tech
has pointed out that there is nothing to stop a hacker sending their own update to the rover.
There are two ways of getting a message to the rover. The first is to build the equivalent of NASA’s Deep Space Network (DSN) and perform uplink communications. Tricky but not impossible particularly if you are a well-funded terrorist group or state funded agency.
However it would be easier to hack into NASA and use its infrastructure to take over Curiosity. This would require you breaking into mission control at NASA’s Jet Propulsion Lab and issue your own commands via the DSN antennae. These are quite common. In March, NASA announced that it was the victim of 47 advanced persistent threat (APT) attacks, 13 of which gave Chinese hackers access to NASA’s internal network.
The Chinese hackers nicked login credentials of 150 NASA employees, which could later be used to access other secure systems. In another case the hackers gained complete control of a NASA system, allowing them to delete or modify files, upload hacking tools, and modify system logs to conceal their actions.
Fortunately for the US, the Chinese are just as interested in Curiosity’s findings and besides the whole world gets the benefits. So at the moment it is possible, but more trouble than it is worth. However it does mean that NASA might need to look at ways of securing its hardware in the near future.