NASA IT Security is a Mess - Stolen Laptops and Hacking JPL

Testimony by NASA IG Paul Martin: NASA Cybersecurity: An Examination of the Agency's Information Security

"Between April 2009 and April 2011, NASA reported the loss or theft of 48 Agency mobile computing devices, some of which resulted in the unauthorized release of sensitive data including export-controlled, Personally Identifiable Information (PII), and third-party intellectual property. For example, the March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station...."

"...In one of the successful attacks, intruders stole user credentials for more than 150 NASA employees - credentials that could have been used to gain unauthorized access to NASA systems. Our ongoing investigation of another such attack at JPL involving Chinese-based Internet protocol (IP) addresses has confirmed that the intruders gained full access to key JPL systems and sensitive user accounts."

Testimony by NASA CIO Linda Cureton: NASA Cybersecurity: An Examination of the Agency's Information Security

"The NASA IT Security program is transforming and maturing. The real-world requirement is to protect NASA's information and information systems at a level commensurate with mission needs and information value. Therefore, NASA is increasing visibility and responsiveness through enhanced information security monitoring of NASA's systems across the Agency."

Space station control codes on stolen NASA laptop, CNet

"A laptop stolen from NASA last year contained command codes used to control the International Space Station, an internal investigation has found. The laptop, which was not encrypted, was among dozens of mobile devices lost or stolen in recent years that contained sensitive information, the space agency's inspector general told Congress today in testimony highlighting NASA's security challenges."

  • submit to reddit


Loading




Join our mailing list




Monthly Archives

About this Entry

This page contains a single entry by Keith Cowing published on March 2, 2012 9:16 AM.

MSL Was Launched WIth Incomplete and Flawed Software was the previous entry in this blog.

Practicing On Earth How To Find Life Elsewhere is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.