NASA Pwned

According to a recent article in BusinessWeek, NASA has been the target of an ongoing campaign of cyber espionage. Specifically, the article notes,

America's military and scientific institutions—along with the defense industry that serves them—are being robbed of secret information on satellites, rocket engines, launch systems, and even the Space Shuttle. The thieves operate via the Internet from Asia and Europe, penetrating U.S. computer networks. Some of the intruders are suspected of having ties to the governments of China and Russia, interviews and documents show. Of all the arms of the U.S. government, few are more vulnerable than NASA, the civilian space agency, which also works closely with the Pentagon and American intelligence services.

These attacks are first and foremost an example of a violation of data confidentiality. In one case an attacker stole "at least 20 gigabytes of compressed data—the equivalent of 30 million pages."

John McManus, chief technology officer at NASA from 2003 through 2006, has stated. "If another country can break in and steal information about rocket motors or fuel systems, well, that's billions of dollars that can be spent elsewhere."

Additionally, the article also details an attack on system availability. According to the article, "In 1998 a U.S.-German satellite known as ROSAT, used for peering into deep space, was rendered useless after it turned suddenly toward the sun. NASA investigators later determined that the accident was linked to a cyber-intrusion at the Goddard Space Flight Center in the Maryland suburbs of Washington."

Given these penetrations and apparent tampering it is unlikely that NASA can trust the integrity of either their data or their systems.

Other random thoughts:

• In one case it took NASA and its contractors approximately 7 months to discover a breach on its network. This clearly demonstrates that all the technology in the world wont protect a network if the network operators are lazy, untrained, or otherwise incompetent. As the BusinessWeek article states, "had anyone been monitoring the Marshall computer networks in real time, the suspicious activity, automatically recorded on logs, would have been 'immediately evident,' NASA investigators concluded, according to a Dec. 11, 2002, report to top NASA executives."

• Breaches were reported on NASA's network as early as 1997 - over 11 years ago! Its amazing that after 11 years security at NASA is as weak as it appears to be.