NASA Unprepared for Cyber Attacks

Monday, March 05, 2012

Pierluigi Paganini


(Translated from the original Italian)

Everything started last week when it was announced that a laptop stolen from NASA last year contained command codes used to control the International Space Station.

The news is as sensational as it is worrying - why is it possible to store such sensitive information without using any precaution like disk encryption? Is this an isolated case or is it common practice to leave such precious data unprotected?

With hundreds of security policies, containing millions of words about security for critical infrastructure defense at institutions responsible for ensuring national security, this seems really ridiculous.

This time the problem is related to a laptop, but consider that dozens of devices have been lost or stolen; at least that is the admission made to Congress by the space agency's inspector general.

"The March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station," NASA Inspector General Paul K. Martin said in written testimony.

The situation is alarming, and we must consider the strategic importance of intellectual property exposed due to these incidents. We have repeatedly stressed the attention that foreign governments are paying to extracting strategic technology solutions in industries such as aerospace.

In these areas, important contributions are being made in terms of research and innovation on new technologies that are introduced in later years for use in the traditional sectors.

Loss of this information means setbacks for technology and research for decades, with disastrous consequences in economic terms. Substantial damages are also sustained in terms of defense, as the solutions are in fact first used in sectors such as the military, and such incidents make every country vulnerable.

Consider that the loss estimates are only approximate; without knowing the true extent of the damages incurred, it is almost impossible to determine the real measure of the financial and technological impact. I personally think that the figure might be higher by two orders of magnitude.

NASA's Martin declared that in 2011 the agency was the target of 47 cyber attacks known as advanced persistent threats (APTs), probably conducted by groups of expert hackers with deep knowledge of their targets and of the information they sought, evidence that we are faced with increasingly sophisticated cyber intelligence operations conducted by hostile governments.

Martin admitted "the attackers had full functional control over these networks."

He said that the attackers are able to gain full control over NASA's systems, which means that the hackers are able to operate freely, exposing sensitive files or uploading hacking tools to steal user credentials and compromise the networks.

The situation is puzzling: what sense does it make to allocate investments of billions of dollars in aerospace research when the results of these efforts are within the reach of evil-minded hackers across the world?

The internal investigation at NASA also revealed that almost none of the agency's portable devices are encrypted, and that at least one of the stolen laptops contained algorithms to command and control systems for the International Space Station, according to a report filed with the US House of Representatives last Wednesday.

The report notes that while around 54 percent of devices used government-wide are encrypted, only 1 percent of NASA's devices were encrypted as of February 2012.

As you can imagine, the situation is extremely worrying and it is essential that action is taken to address these cyber threats. Do not forget that NASA is one of the leading agencies in the world for aeronautical and space activities, and it is therefore expected that its systems are the subject of innumerable attacks by hostile governments, groups of hacktivists, cyber criminals and hackers that want to test their skills against a strategic objective.

Mr Martin noted that investigations had resulted in "arrests and convictions of foreign nationals in China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey, and Estonia" - it seems that everyone is interested in NASA.

It is therefore essential that the defense capabilities of these systems, which represent critical structures, increase in step with the escalation in cyber threats.

UPDATE:

After all this discussion I leave you with some thoughts... NASA's site is a government site that is still open today; it is possible to browse through the directory structure. I understand that users are being reported to federal agencies like the FBI, which would seem little interested in it. What is the real value that we give this information?

Cross-posted from Security Affairs
