Stolen NASA Laptop Contained International Space Station Codes

A testimony delivered to the US House Committee on Science, Space, and Technology yesterday revealed that in March 2011 an unencrypted NASA notebook computer was stolen, resulting in “the loss of the algorithms used to command and control the International Space Station”.

The theft, documented in a report by NASA Inspector General Paul K. Martin, was one of several thousand breaches in IT security over the last two years.

NASA under fire

In his address, Martin established the five key IT challenges facing the US agency, including the shift to cloud computing and the slow rate of encryption for NASA laptops and mobile devices.  For the latter issue, he highlighted that only one per cent of NASA’s mobile devices and laptops were encrypted compared to the Government-wide average of 54 per cent.

He notes that between April 2009 and April 2011, 48 devices were declared as lost or stolen within the agency, including the laptop containing the ISS data, which was reported in March 2011. Martin added: “Other lost or stolen notebooks contained Social Security numbers and sensitive data on NASA’s Constellation and Orion programs.”

Other sensitive data was also leaked due to a lack of standardised IT security controls. Excess shuttle IT equipment, including computers and hard drives, have to be put through ‘sanitization testing’ before they can be sold or be prepared for sale to the public. The report notes that one NASA centre released 10 computers that failed testing and may have contained sensitive information; while another four were confiscated by auditors as they were being prepared for sale.

Between 2010 and 2011, NASA reported 5,408 instances where unauthorised access was granted to sensitive computers or where malware was installed.

“These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries’ objectives,” Martin said.

NASA said that such attacks affected thousands of computers and estimates the cost of damage to be around $7 million (£4.4m). While Martin reports that the agency is a “target rich” environment for attacks, he also mentions that it is the only one in the US government to regularly conduct intrusion investigations. NASA currently spends $1.5 billion (£940m) on IT annually, with $58 million (£36m) going towards security.

Due to NASA’s status as a “target rich” environment, it has become the focus of Advanced Persistent Threats (APTs). The report states that in the 2011 financial year, the agency was the victim of 47 APTs, of which 13 successfully gained access, stole data, modified sensitive information and/or uploaded hacking tools.

Among the attackers, various Chinese IP addresses were identified and, last November, six Estonians and a Russian were indicted as part of an FBI investigation concerning an international fraud scheme in which 135 NASA systems were affected.

How well do you know Internet security? Try our quiz and find out!

Jiten Karia

Recent Posts

Apple Sales Rise 6 Percent After Early iPhone 16 Demand

Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…

24 hours ago

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago