Stolen NASA Laptop Had Space Station Control Codes
Source: msnbc.msn.com
A laptop stolen from NASA last year was unencrypted and contained command and control codes for the International Space Station (ISS) on it, the agency’s inspector general told a United States House subcommittee yesterday (Feb. 29).
In his testimony before a Science, Space and Technology House subcommittee, NASA Inspector General Paul K. Martin said the notebook computer stolen in March 2011 "resulted in the loss of the algorithms" used to control the ISS. This particular laptop, Martin said, was one of 48 NASA notebooks or mobile devices stolen between April 2009 and April 2011.
Some of these thefts resulted in the leak of sensitive data "including export-controlled, Personally Identifiable Information, and third-party intellectual property," as well as Social Security numbers and data on NASA’s Constellation and Orion programs, Martin said.
The actual number of stolen and compromised devices could be much higher because NASA relies on employees to self-report incidents.
In an email, NASA public affairs officer Trent Perrotto told SecurityNewsDaily that "at no point in time have operations of the International Space Station been in jeopardy due to a data breach."
"NASA has made significant progress to better protect the agency’s IT systems and is in the process of implementing the recommendations made by the NASA Inspector General in this area," Perrotto added.
In 2011, NASA, which Martin rightly called a "target-rich environment for cyberattacks," was the target of 47 advanced persistent threats (APTs), 13 of which successfully compromised NASA computers.
These attacks are part of the 5,408 cybersecurity incidents in 2010 and 2011 that resulted in unauthorized intrusions or malware being planted on its systems and cost the space agency an estimated $7 million.
[...]
Read the full article at: msnbc.msn.com
ISS Image: Source
NASA sells shuttle PCs without wiping secret data
