NASA Jet Propulsion Lab Computers Were Seized By Hackers In November

    March 2, 2012
    Drew Bowling
    Comments are off for this post.

According to a federal report released on Wednesday, NASA was the target of 47 different sophisticated cyberattacks in 2011, some of which were considered “advanced persistent threats.” During one attack in November, hackers seized control of computers belonging to NASA’s Jet Propulsion Lab and were able to gain access to a trove of sensitive information.

In the November attack, JPL’s IT Security noted “suspicious network activity” originating from IP addresses in China. Paul K. Martin, NASA Inspector General, wrote in the report that “intruders had compromised the accounts of the most privileged JPL users, giving the intruders access to most of JPL’s networks.”

Martin also detailed how, of those 47 different cyberattacks, 13 of them “successfully compromised Agency computers.” One specific attacked yielded a heist of over 150 NASA employees which “could have been used to gain unauthorized access to NASA systems.” As a result, Martin wrote that hackers could have modified, copied, or deleted sensitive files; added fabricated accounts; upload malware designed to steal user credentials; or modify NASA system logs that would conceal the hackers’ actions.

To highlight the level of concern that this security breach signifies for those unfamiliar with JPL, this is the lab responsible for many of NASA’s robotic missions exploring Earth, the solar system and beyond. JPL is also home to the Mars Science Laboratory, which is part of NASA’s long-term robotic exploration of Earth’s sometimes-closest celestial neighbor. One product of JPL’s exploration of Mars is the ongoing, decade-long reconnaissance mission of the Mars Odyssey orbiter, which discovered that a Martian crater once contained a lake and that there are more “water-carved canyons” on Mars than previously believed.

At any rate, you can see how much could potentially be at risk were hackers to compromise NASA’s exploration of Mars, to say nothing of our own planet or the rest of space. Given that the Obama Administration hacked out 21% of NASA’s allotted funding for 2013 fiscal year, one must imagine that the resources NASA has in order to defend itself against cyberattacks will be more limited this year.

  • David H

    What idiocy to put the most sensitive systems ONLINE! From powerplants to missile sites to NASA closed systems. No excuse.

  • http://www.dever.ee www.dever.ee

    Really, this isn’t that surprising. As much as the public would like to complain, budget cuts, under-staffing in IT, and the nature of the denizens of the net itself are just as much to blame as lax-security practices.

    I can personally attest to the prolonged attacks stemming from IPs within the PRC, as I’ve had to take extreme meassures to keep them out of the networks I manage… so much so that I’ve deployed systems that block all traffic to-and-from the PRC’s CIDRs. At my day job, which is in government IT, I’ve had to take just as extreme meassures to protect our email systems from attempted incursions via that methodology. I can only hope that our (native of India) firewall administrator would take as extreme of measures for all our border traffic. At this point, under such a record of prolonged attacks and no effort by the PRC government to stop these attacks coming from within their borders, it doesn’t make much sense to allow any traffic from the PRC or any of it’s territories to any USGov resource that isn’t hardened against any and all attacks.

    This is an area where I tend to agree with the US-DoD’s recent stance that any cyber attack on their systems is an act of war… but I go further to say it should be treated as such and responded to in-kind. It’s time we began ripping apart the infrastructure of any and all who would attack us.