Stolen NASA laptop stored space station code

Powered by SC Magazine
 

Space agency reveals IT security breaches.

Space agency NASA has revealed the theft of an unencrypted laptop last year that contained algorithms used "to command and control" the International Space Station.

The agency's inspector general Paul Martin made the revelation in cybersecurity-related testimony before a subcommittee of the US House of Representatives [pdf].

Martin said that NASA reported 48 agency "mobile computing devices" either lost or stolen in the two years to April 2011, including the machine containing the sensitive code.

"Other lost or stolen notebooks contained Social Security numbers and sensitive data on NASA's Constellation and Orion programs," he noted.

Constellation is a now-defunct human space flight program, while Orion aimed to operate a multi-purpose crew vehicle under Constellation. Parts of Orion continue in a separate program.

Martin said NASA could not "consistently measure" data loss because it relied on employees to "self-report... rather than determining what was stored on the devices by reviewing backup files".

In addition, Martin laid out figures for the number of recorded attempts by external parties to access its systems or install malicious code.

In 2010 and 2011, he said NASA recorded 5408 "computer security incidents" that caused damage pegged at around $US7 million.

Martin did not break down the incident figure, apart from detailing the number of advanced persistent threats (APTs) aimed at NASA's IT infrastructure.

He said NASA fell victim to 47 APT attacks in the 2011 financial year - 13 of which "successfully compromised agency computers".

One attacker netted 150 user credentials. Another gained full system access to NASA's Jet Propulsion Laboratory's systems.

Martin urged some caution on the figures because not all US agencies subjected themselves to the same level of scrutiny and reporting of computer security incidents as NASA did.

Copyright © iTnews.com.au . All rights reserved.


Stolen NASA laptop stored space station code
 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  12%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 704

Vote