Stolen NASA laptop stored space station code

Powered by SC Magazine
 

Space agency reveals IT security breaches.

Space agency NASA has revealed the theft of an unencrypted laptop last year that contained algorithms used "to command and control" the International Space Station.

The agency's inspector general Paul Martin made the revelation in cybersecurity-related testimony before a subcommittee of the US House of Representatives [pdf].

Martin said that NASA reported 48 agency "mobile computing devices" either lost or stolen in the two years to April 2011, including the machine containing the sensitive code.

"Other lost or stolen notebooks contained Social Security numbers and sensitive data on NASA's Constellation and Orion programs," he noted.

Constellation is a now-defunct human space flight program, while Orion aimed to operate a multi-purpose crew vehicle under Constellation. Parts of Orion continue in a separate program.

Martin said NASA could not "consistently measure" data loss because it relied on employees to "self-report... rather than determining what was stored on the devices by reviewing backup files".

In addition, Martin laid out figures for the number of recorded attempts by external parties to access its systems or install malicious code.

In 2010 and 2011, he said NASA recorded 5408 "computer security incidents" that caused damage pegged at around $US7 million.

Martin did not break down the incident figure, apart from detailing the number of advanced persistent threats (APTs) aimed at NASA's IT infrastructure.

He said NASA fell victim to 47 APT attacks in the 2011 financial year - 13 of which "successfully compromised agency computers".

One attacker netted 150 user credentials. Another gained full system access to NASA's Jet Propulsion Laboratory's systems.

Martin urged some caution on the figures because not all US agencies subjected themselves to the same level of scrutiny and reporting of computer security incidents as NASA did.

Copyright © iTnews.com.au . All rights reserved.


Stolen NASA laptop stored space station code
 
 
 
Top Stories
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 312

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 118

Vote