Despite being a bit dusty and disused at the moment, NASA remains one of the brightest symbols of American technological achievement, innovation and development. That said, one would think the space agency’s computer systems would be impenetrable to hackers and the such. Not so.
Congressional testimony from NASA Inspector General Paul K. Martin last week revealed that NASA’s security systems are sub-par, at best: 13 of 47 targeted attacks on the space agency over the past year were successful. In some of those cases, the hackers had “full functional control” over NASA systems and made off with loads of data and codes about some of our most sensitive programs that could be sold for millions on the black market.
The most alarming security breach, however, may not be in NASA’s systems, but among some of their more forgetful or irresponsible employees. As Popular Science points out, Martin told Congress that a total of 48 mobile devices have been lost or stolen between the Aprils of 2009 and 2011. And that some of those gadgets held the codes for the International Space Station.
From Martin’s testimony:
Between April 2009 and April 2011, NASA reported the loss or theft of 48 Agency mobile computing devices, some of which resulted in the unauthorized release of sensitive data including export-controlled, Personally Identifiable Information (PII), and third-party intellectual property. For example, the March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station. Other lost or stolen notebooks contained Social Security numbers and sensitive data on NASA’s Constellation and Orion programs.Moreover, NASA cannot consistently measure the amount of sensitive data exposed when employee notebooks are lost or stolen because the Agency relies on employees to self-report regarding the lost data rather than determining what was stored on the devices by reviewing backup files.
Martin also testified that only one percent of all NASA laptops are encrypted and recommended an entire system overhaul, which obviously is desperately needed.
But it’s not all bad for NASA. Martin noted that the NASA investigation led to the arrests of at least 14 people, including a Texan, two Romanians, a Chinese national and six Estonians. Estonian hackers trying to take down NASA? How very Cold War of them.
(Note on the image: That is the Sombrero Galaxy. It has a super massive black hole at its center, a hole that represents the holes in NASA’s $1.5 trillion IT system. Get it?!)
March 06, 2012 at 3:48 pm, Space station safe from hackers, NASA official says – msnbc.com | Tucson AZ News and Weather said:
[...] PracticesCIOHow NASA Technology Affects The ConsumerRedOrbitTallahassee.com -CBS News -Death and Taxesall 55 news [...]
March 06, 2012 at 3:54 pm, When It Comes to Hackers, Be Afraid, Be Very Afraid – Patch.com | Tech Starr | Daily Technology News Magazine said:
[...] told lawmakers this week.Wi-Fi security really isn't rocket scienceCape Cod Times (subscription)It is shockingly easy to hack NASADeath and TaxesNelson wants NASA to explain cybersecurity lapsesTallahassee.comTopNews United [...]
March 09, 2012 at 11:14 pm, » When It Comes to Hackers, Be Afraid, Be Very Afraid – Patch.com » Bipartisan Report said:
[...] News48 NASA Laptops Stolen in Two Years: A Case for Better Encryption PracticesPCWorldDeath and Taxes -Sacramento Bee -Aviation Weekall 55 news [...]