‘Threat to US security’ after Nasa hit by 13 cyber attacks

THE US space agency Nasa said hackers broke into its computer systems 13 times last year, stealing staff credentials and gaining access to mission-critical projects in breaches that could compromise American national security.
By The Newsroom
Published 3rd Mar 2012, 00:49 BST

Its inspector general, Paul Martin, told a Congressional panel on Nasa security it spent only $58 million (£36.6m) of its $1.5 billion (£947m) annual IT budget on cyber security.

He said: “Some Nasa systems house sensitive information which, if lost or stolen, could result in significant financial loss, adversely affect national security or significantly impair our nation’s competitive technological advantage.”

Hide Ad
Hide Ad

He said the agency discovered in November that hackers working through a Chinese-based IP address had broken into the network of Nasa’s Jet Propulsion Laboratory (JPL).

They gained “full system access”, allowing them to modify, copy or delete sensitive files, create user accounts for mission-critical systems and upload hacking tools to steal user credentials and compromise other Nasa systems. They were also able to modify system logs to conceal their actions. “Our review disclosed that the intruders had compromised the accounts of the most privileged JPL users, giving the intruders access to most of JPL’s networks,” he said.

In another attack last year, intruders stole credentials for accessing Nasa systems from more than 150 employees.

Mr Martin said the agency had moved too slowly to encrypt or scramble the data on its laptop computers to stop information falling into the wrong hands.

Related topics:NASAAmerican