Chinese hackers 'had full access' to Nasa lab that commands 23 spacecraft

 

Chinese hackers gained 'full access' to the computer network in one of Nasa's key control centres, the Jet Propulsion Laboratory.

JPL manages 23 spacecraft conducting active space missions, including missions to Jupiter, Mars and Saturn.  

The hackers, operating from an internet address in China, gained full system access in November 2011, allowing them to upload hacking tools to steal user IDs and control Nasa systems, as well as copy sensitive files.

The hackers were also able to modify system logs to conceal their actions. 

‘The intruders had compromised the accounts of the most privileged JPL users, giving the intruders access to most of JPL's networks,’ said National Aeronautics and Space Administration Inspector General Paul Martin.

The cyber attack was one of 'thousands' of computer security lapses at the space agency.

Martin said the hackers gained full system access, which allowed them to modify, copy, or delete sensitive files, create new user accounts and upload hacking tools to steal user credentials and compromise other NASA systems. 

National Aeronautics and Space Administration Inspector General Paul Martin testified before Congress on the breaches.

In another attack last year, intruders stole credentials for accessing NASA systems from more than 150 employees.

Martin said the his office identified thousands of computer security lapses at the agency in 2010 and 2011.        

Mars Rover, controlled by JPL: The hackers, operating from an internet address in China, gained full system access, allowing them to upload hacking tools to steal user IDs and control Nasa systems, as well as copy sensitive files

He also said NASA has moved too slowly to encrypt or scramble the data on its laptop computers to protect information from falling into the wrong hands.          

Unencrypted notebook computers that have been lost or stolen include ones containing codes for controlling the International Space Station, as well as sensitive data on NASA's Constellation and Orion programs, Martin said.

A NASA spokesman told Reuters on Friday the agency was implementing recommendations made by the Inspector General's Office.             

‘NASA takes the issue of IT security very seriously, and at no point in time have operations of the International Space Station been in jeopardy due to a data breach,’ said NASA spokesman Michael Cabbagehe.    

 
Giving testimony on the space agency's security issues, NASA Inspector General Paul K. Martin told Congress that 48 agency devices were lost or stolen over a two year period.

Enlarge  

Security breach: A laptop stolen from NASA contains the control codes used to command the International Space Station

The mobile devices, which contained personable data, intellectual property, and highly sensitive export-controlled data, were stolen between April 2009 and April 2011, CBS News reported.

Over two years alone NASA was the victim of 5,408 computer security breaches that included unauthorized access to systems or the installation of unauthorized software. The incidents during 2010 and 2011 cost the space agency around $7 million.

Martin told Congress in written testimony: 'The March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station,'
Another stolen laptop contained classified information on NASA's space exploration Constellation and Orion programs and employees social security details.

These figures may be the tip of the iceberg, Martin said because the system for reporting lost data or devices is voluntary:

He said: 'NASA cannot consistently measure the amount of sensitive data exposed when employee notebooks are lost or stolen because the agency relies on employees to self-report regarding the lost data rather than determining what was stored on the devices by reviewing backup files,' CBS News reported.

Fears: NASA Inspector General Paul Martin painted a bleak picture of security at the space agency

In 2011 NASA was the victim of 47 serious cyberattacks by individuals or groups attempting to steal information or gain access to systems, Martin said.

13 of these advanced persistent threats or (APTs) were successful including one attack in which system access codes for some 150 NASA employees were stolen.

Another attack on the Jet Propulsion Laboratory in Pasadena, Calif. stemming from China based USPs is still under investigation. Cyber thieves 'gained full access to key JPL systems and sensitive user accounts,' Martin said.

Martin painted a gloomy picture of security at NASA explaining while the rate of mandated encryption across government departments was 54 percent, just 1 percent of NASA portable devices are encrypted.

'Until NASA fully implements an agency-wide data encryption solution, sensitive data on its mobile computing and portable data storage devices will remain at high risk for loss or theft,' he said.