NASA Hacked (Again) - International Mass Media

Hackers targeting sensitive NASA computers have gained access to employee credentials and taken control of systems at NASA's Jet Propulsion Laboratory, among other things, a federal report says.

The space agency's inspector general, Paul K. Martin, cited one case involving hackers with IP addresses in China. In that case, intruders gained "full system access" to change or delete sensitive files and user accounts for "mission-critical" systems at the Jet Propulsion Laboratory, he said in a report issued this week."In other words," Martin said, "the attackers had full functional control over these networks."

In another attack, hackers stole credentials for about 150 NASA employees, the report said.

NASA reported that it was the target of 47 sophisticated cyberattacks - the report calls them "advanced persistent threats" - in 2011. Thirteen of those 47 attacks successfully compromised NASA computers.

"The individuals or nations behind these attacks are typically well organized and well funded and often target high-profile organizations like NASA," Martin said in his report, titled "NASA Cybersecurity: An Examination of the Agency's Information Security."

In total, the space agency reported 5,408 incidents "that resulted in the installation of malicious software on or unauthorized access to its systems" in 2010 and 2011.

"These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives," Martin said.

NASA has conducted 16 investigations over the last five years that led to the arrests of foreign nationals from China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey and Estonia.

These intrusions "have affected thousands of NASA computers, caused significant disruption to mission operations, and resulted in the theft of export-controlled and otherwise sensitive data, with an estimated cost to NASA of more than $7 million," the report said.

Loss and theft have also been issues for NASA. Forty-eight agency mobile computing devices were reported lost or stolen between April 2009 and April 2011. This led to the possibility that sensitive algorithms and data landed in unauthorized hands.

"For example, the March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station," Martin wrote.

Martin testified in front of Congress on Wednesday and the report served as a precursor to his testimony. While in front of a House committee, Martin spoke about the slow pace of encryption for the agencies' mobile devices and the lack of technological security monitoring at NASA.

Copyright applies

* Congress informed of 5,408 NASA computer security breaches

A STOLEN US space agency laptop containing codes that control the International Space Station (ISS) did not put the orbiting lab in peril, a NASA spokesman said today.

The unencrypted notebook computer went missing in March 2011 and "resulted in the loss of the algorithms used to command and control the International Space Station", NASA Inspector General Paul Martin told politicians this week.

But the US space agency insisted that international astronauts were never at risk aboard the research outpost.

"NASA takes the issue of IT security very seriously, and at no point in time have operations of the International Space Station been in jeopardy due to a data breach," spokesman Trent Perrotto said.

The theft was alerted to Congress on Wednesday along with 5408 computer security "incidents" that resulted in unauthorised access to NASA systems or installation of malicious software in the past two years, Mr Martin said.

Perpetrators are suspected to include small-time hackers, organised criminal networks and foreign intelligence services.

The attacks affected thousands of NASA computers and cost the agency more than $US7 million ($6.51 million) in 2010 and 2011, he said.

Over the past few years, investigations have resulted in the arrests and convictions of hackers from China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey and Estonia, he said.

One cyber attack still under investigation happened in November 2011, when NASA's Jet Propulsion Laboratory (JPL) in California reported "suspicious network activity involving Chinese-based IP addresses", he said.

"Our review disclosed that the intruders had compromised the accounts of the most privileged JPL users, giving the intruders access to most of JPL's networks," he added in testimony to the House Science, Space and Technology subcommittee.

"In other words, the attackers had full functional control over these networks."

To better guard against such attacks, "NASA needs to improve agency-wide oversight of the full range of its IT assets" and must encrypt more of its mobile and laptop devices, of which just one per cent are currently encrypted, he said.

Until then, NASA "will continue to be at risk for security incidents that can have a severe adverse effect on Agency operations and assets".

NASA's spokesman said in response that the space agency is in the process of implementing his recommendations and has made "significant progress to better protect the agency's IT systems".

© 2012 Herald and Weekly Times.

Topics

Other Press

Cleaves on Disc/Stick