NASA unprepared for cyber attacks

Everything started last week when has been announced that a laptop stolen from NASA during last year contained command codes used to control the International Space Station. The news is sensations as worrying, is it possible to store so sensible information without using any precaution like disk encryption. Are we discussing about an isolated case or is it practices to leave  unattended so precious data? Hundred of security policies, millions of words spent on security, critical infrastructure defense and institutions responsible for ensuring high levels of homeland security, this seems really useless.

This time the problem is related to a laptop but consider that dozens of devices were lost or stolen, that is the admission made to the Congress the space agency’s inspector general.

“The March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station,” NASA Inspector General Paul K. Martin said in written testimony .

The situation is alarming, we must consider the strategic importance of intellectual property exposed due to these accidents. We have repeatedly stressed the attention of foreign governments in strategic technology solutions in industries such as aerospace. In these areas it is extremely high the contribute in term of research and innovation made by new technologies that are introduced in later years used in the traditional sectors. Be able to steal this information means bridging a gap of technology and research for decades with disastrous consequences in economic terms. Substantial damage are counted also in terms of defense, the solutions are in fact first used in areas such as military, similar incidents in fact make vulnerable every country.

Consider that the estimates are only approximate and not knowing the true extent of the damage procured, in fact it is almost impossible to give real measure of the financial and technological impact. I personally think that the figure might be higher by two orders of magnitude.

Martin declared that in 2011 the agency was the target of 47 cyber attacks known as advanced persistent threats (APTs) surely made by group of expert hackers with deep knowledge of their target and of the information to search and steal, this is the proof that we are facing with cyber intelligence operations made by hostile governments. Martin admitted:

“the attackers had full functional control over these networks.”

He said that the attackers are able to gain full control on the systems of Nasa, this means that the hackers are able to operate freely exposing sensitive files or uploading hacking tools to steal user credentials and compromise the ordinary elaboration.

The situation is puzzling, what sense does it allocate investments of billions of dollars in aerospace research when the results of these efforts are within the reach of evil-minded hackers across the world?

Continuing with the internal investigation revealed a disarming scene, according to a report filed with the US House of Representatives last Wednesday none of the agency’s portable devices are encrypted. At least one of the stolen laptop containing algorithms to command and control the International Space Station.

The report notes that while around 54 percent of devices used government-wide are encrypted, only 1 percent of NASA’s devices are encrypted as of February 2012.

As can be imagined, the situation is extremely worrying and it is essential that any required actions are taken to address the cyber threats. Do not forget that NASA is one of the leading agencies in the world for Aeronautical and Space activities and it is therefore expected that its systems are the subject of innumerable attacks by hostile governments, by group of hacktivists , cyber criminals and hackers that want to test their skills against a strategic objective.


I personally think that the origin concern about these attacks is that due to cyber espionage, as occurred in the past for other aerospace agencies such as the Japanese one.
Mr Martin noted investigations had resulted in “arrests and convictions of foreign nationals in China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey, and Estonia”, everyone seems to be interested to the Nasa.

It is therefore essential that the defense capabilities of these systems that represent critical structures will grow in relation to the pressing cyber threats.

Pierluigi Paganini

UPDATE

After all this discussion I leave you with some thoughts … the site of NASA is a government site still open today, it is possible to walk down the directory structure. I understand that they are being reported to federal agencies like the FBI, which would seem little interested in it.
What is the real value that we give this information?

 

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

4 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

10 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

22 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

1 day ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

1 day ago

This website uses cookies.