A report shows that security incidents even reveals the control algorithm for the ISS

Mar 1, 2012 10:40 GMT  ·  By

A written testimony of Paul K. Martin, Inspector General at NASA, before the agency’s Subcommittee of Investigations and Oversight reveals some interesting aspects regarding the Space Agency’s cybersecurity issues.

Not a week passes in which we don’t learn of another hacker that finds a flaw in one of NASA’s many online domains, but now, we are presented with the exact number of incidents that affected the organization’s infrastructure.

It turns out that 5,408 computer security incidents were recorded during 2010 and 2011.

“These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries’ objectives,” Martin wrote.

Apparently, these intrusions damaged thousands of computing devices, the total estimated cost to NASA being more than $7 million (4.9 million EUR).

The Inspector General admits that the organization is far behind other agencies when it comes to protecting the laptops utilized by personnel. In the timeframe between April 2009 and April 2011, 48 laptops and other mobile devices were stolen.

As a result of these incidents, not only personally identifiable information was leaked, but also some even more important data, such as the algorithms used to control the International Space Station (ISS), and secret data on NASA’s Constellation and Orion projects.

The biggest issue is not that the devices were stolen, instead the problem is that most of them had no form of encryption implemented.

Advanced persistent attacks (APTs) also targeted NASA. In the fiscal year 2011, 47 such attacks were reported, 13 of which were successful.

While it’s uncertain if any of these attacks were carried out by independent or state-funded hackers, the paper documents some of the more significant investigations that revealed the identities of attackers.

So far, two Romanian citizens, two Chinese, one British, one American, one Swedish, and one Italian were apprehended. They are currently investigated by authorities on suspicion of inflicting damage to NASA infrastructures.

The agency faces some serious challenges in securing all their systems while moving many of their operations to the cloud, but maybe they should start by listening to all the grey hats that report vulnerabilities in their sites.