CryptoLocker Virus at NASA

By Keith Cowing
NASA Watch
June 9, 2015

Even NASA Got Infected With ‘CryptoLocker’ Ransomware, Motherboard
“Between September 2013 and June 2014, a virus known as CryptoLocker infected around 500,000 computers around the world. Designed to lock data on a victim’s computer and hold it for ransom, it ended up extorting an estimated $3 million from victims who agreed to pay rather than lose their files. Among those victims of Cryptolocker were two NASA computers, according to an internal document obtained by Motherboard. The ransomware virus infected a computer at the NASA Ames Research Center in California on October 23, 2013, “resulting in the loss of access to NASA data,” according to the document. It also hit another computer at the visitor center of the Kennedy Space Center in Florida two days later. The document was prepared by the NASA Office of Inspector General, and is scant on details.”

NASA Watch founder, Explorers Club Fellow, ex-NASA, Away Teams, Journalist, Space & Astrobiology, Lapsed climber.

8 responses to “CryptoLocker Virus at NASA”

  1. Andrew_M_Swallow says:

    Time the developers and operators of CryptoLocker were found and arrested. To be held without bail on the grounds that this is a continuing offence. Their bank accounts frozen and assets confiscated as proceeds of crime.

    Virus checkers upgraded to detect CryptoLocker. The DOD is the regulatory agency for that. The how to decrypt information should be published, possibly as a computer program.

    • PsiSquared says:

      Trying to find the people distributing/using CryptoLocker is likely to be as successful as hunting hackers. As for decrypting infected computers, if it were easy it would be likely that someone would have already found a way. I wouldn’t count on decryption being a solution in the near future.

    • hikingmike says:

      You can’t freeze a Bitcoin wallet. It will be difficult to find them also. They did manage to find the Silk Road guy, but that was through a combination of various hints, good police work, and maybe some white hat hacking. http://arstechnica.com/tech

      If it uses solid encryption practice (not all do and it can be difficult to), there really isn’t any “how to decrypt information” without the key, or some extremely unlikely breakthrough in decryption of the encryption algorithm used. This one must have had a vulnerability that maybe the developer was comfortable with, and the security researchers were able to find, but the next one might not. And finding the people would help, but the code bits are out there for other people to use too. So yeah, it’s really down to good practices and virus checkers, but it’s a difficult one. And of course backups!

      I’m a programmer that uses encryption and I work for a data recovery company.

  2. Michael Spencer says:

    No problem. Just use the backups. Right?

  3. hikingmike says:

    Some variants can be recovered from fully or partially (usually with the help of a data recovery firm), and others do “proper” encryption and there is no getting the files back without the key. Of course paying the ransom just increases the likelihood that more bad guys will put their efforts into it.