Stolen NASA laptop stored space station code

Powered by SC Magazine
 

Space agency reveals IT security breaches.

Space agency NASA has revealed the theft of an unencrypted laptop last year that contained algorithms used "to command and control" the International Space Station.

The agency's inspector general Paul Martin made the revelation in cybersecurity-related testimony before a subcommittee of the US House of Representatives [pdf].

Martin said that NASA reported 48 agency "mobile computing devices" either lost or stolen in the two years to April 2011, including the machine containing the sensitive code.

"Other lost or stolen notebooks contained Social Security numbers and sensitive data on NASA's Constellation and Orion programs," he noted.

Constellation is a now-defunct human space flight program, while Orion aimed to operate a multi-purpose crew vehicle under Constellation. Parts of Orion continue in a separate program.

Martin said NASA could not "consistently measure" data loss because it relied on employees to "self-report... rather than determining what was stored on the devices by reviewing backup files".

In addition, Martin laid out figures for the number of recorded attempts by external parties to access its systems or install malicious code.

In 2010 and 2011, he said NASA recorded 5408 "computer security incidents" that caused damage pegged at around $US7 million.

Martin did not break down the incident figure, apart from detailing the number of advanced persistent threats (APTs) aimed at NASA's IT infrastructure.

He said NASA fell victim to 47 APT attacks in the 2011 financial year - 13 of which "successfully compromised agency computers".

One attacker netted 150 user credentials. Another gained full system access to NASA's Jet Propulsion Laboratory's systems.

Martin urged some caution on the figures because not all US agencies subjected themselves to the same level of scrutiny and reporting of computer security incidents as NASA did.

Copyright © iTnews.com.au . All rights reserved.


Stolen NASA laptop stored space station code
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1792

Vote
Do you support the abolition of the Office of the Information Commissioner?