NASA computer systems 'too vulnerable to crippling hacker attacks'
Paul Martin: The Nasa inspector general says Nasa's computer network is vulnerable to incidents that could have a 'catastrophic' effect on the agencyYou would hope the space agency so famous for its high-end computer technology might at least be able to keep their systems secure from hackers.But IT security is so bad at Nasa that its computer network is vulnerable to incidents that could have a catastrophic or crippling effect on the agency, a report said.Nasa inspector general Paul Martin said computer servers on its mission network that control spacecraft in orbit have high-risk vulnerabilities exploitable from the internet, reports AFP.He is very concerned about six computer servers related to IT assets controlling spacecraft and containing critical data, according to the security audit report.Cyber-attackers who hack into the network could use computers to exploit other weaknesses and severely degrade orcripple NASA's operations, the report said.Mr Martin said: We found that computer servers on Nasa's agency-wide mission network had high-risk vulnerabilities that were exploitable from the internet.Specifically,six computer servers associated with IT assets that control spacecraft and contain critical data had vulnerabilities that would allow a remote attacker to take control of or render them unavailable.
More...
- Why haven't you called? Mars rover fails to phone Earth in over a year and now Nasa fears it is lost for ever
- Mechanical wonder: Robot bird mimics flight so accurately it could be mistaken for the real thing
Th e audit was performed after Nasa was hacked in cyber-intrusions that resulted in the theft of export-controlled and other sensitive data from its mission computer networks.
Shuttle control: Mr Martin is very worried about six computer servers related to IT assets controlling spacecraft and containing critical Nasa data
Security lapse: Nasa network servers were found that revealed encryption keys, encrypted passwords and user account information to potential cyber-attackersIn May 2009, hackers caused a mission system to make over 3,000 unauthorised connections to IP addresses in China, Holland, Saudi Arabia and Estonia. In addition, cyber-criminals stole 22GB of restricted data from a Jet Propulsion Laboratory computer system in January 2009.Mr Martin is head of the Nasa Office of Inspector General which conducts independent reports on Nasa programmes to promote economy, efficiency and effectiveness.He told Nasa to carry out an agency-wide IT security risk assessment and act immediately to cut down risks.
Comments