April 7, 2011

NASA Systems At RiskFrom Hacking Attacks

It’ s not surprising really, when I learned that the recently retired NASA space shuttle was still using 5.25 ″ floppy drives – I suspected that much of the NASA IT architecture was
probably antiquated. Also the recent SCADA related security scare, indicated the industrial and large-scale systems probably aren ’ t the most secure around. Combine those two lines of reasoning
together and you get a fairly solid
conclusion that NASA networks
(especially those controlling old
equipment like shuttles) are probably
horribly insecure. An official audit of NASA ’ s network has concluded that the space agency
faces a high risk of cyberattack. Experts from the Office of the
Inspector General (OIG) paint a grim
picture of the state of the space
agency ’ s server infrastructure, warning that vulnerabilities in its
systems leave it open to defacement,
denial of service or information-
stealing attacks. In particular, six unnamed IT systems
were found to be at risk to attacks
that might allow hackers to seize
remote control of critical systems over
the net – which included systems that control spacecraft – as a result of unpatched software vulnerabilities.
The OIG’ s report (24-page PDF/703 KB, extract of conclusions below) also
warns that sensitive account
information is poorly protected and
wide open to extraction for any
attackers who make it past NASA ’ s perimeter defences. Add that to the fact that back in 2008 The International Space Station Was
Infected by a Virus and you should be fairly wary of NASA security. OIG recently provided this with a
recent security audit of the the server
infrastructure and networks at NASA,
the findings were not pretty. The full
report is available for download here: IG-11-017.pdf Obviously NASA claims all the
vulnerabilities found during the OIG
audit have been fixed, but what
about all the rest that haven ’ t been found yet? I sincerely hope they start
implementing a more holistic
approach to security rather than just
reactive patching. We found that computer servers on
NASA ’ s Agency-wide mission network had high-risk vulnerabilities
that were exploitable from the
internet. Specifically, six computer
servers associated with IT assets that
control spacecraft and contain critical
data had vulnerabilities that would allow a remote attacker to take
control of or render them unavailable. Moreover, once inside the Agency-
wide mission network, the attacker
could use the compromised
computers to exploit other
weaknesses we identified, a situation
that could severely degrade or cripple NASA ’ s operations. We also found network servers that revealed
encryption keys, encrypted
passwords, and user account
information to potential attackers.
These data are sensitive and provide
attackers additional ways to gain unauthorized access to NASA
networks. It is quite worrying as NASA has been
a fairly frequent victim of cyber-crime
and attacks, especially when it comes
to stealing data. Remember the whole Gary McKinnon case is because he hacked NASA. It was also suggested by an OIG audit
in May 2010 that they implement an
agency wide computer security
program, it seems that hasn’ t been done. Hopefully with this hitting the
mainstream media this time around,
something wil lget fixed.

3 comments:

Did you ever try to maximize your free bitcoin collections by utilizing a BITCOIN FAUCET ROTATOR?

If you are looking to buy bitcoins online, PAXFUL is the best source for bitcoins as it allows buying bitcoins by 100's of different payment methods, such as Western Union, MoneyGram, PayPal, Credit Cards and they even allow exchanging your gift cards for bitcoins.

YoBit lets you to claim FREE COINS from over 100 unique crypto-currencies, you complete a captcha one time and claim as much as coins you want from the available offers.

After you make about 20-30 claims, you complete the captcha and continue claiming.

You can press claim as many times as 30 times per one captcha.

The coins will safe in your account, and you can convert them to Bitcoins or Dollars.

Post a Comment


:Disclaimer:+

All content provided on this blogs is for educational purposed Only. All posts are properly credited to its respective author and will not be liable for any misuse, errors or omissions on this information nor for the availability of this information.

Labels

mobile tricks (39) globe tricks (32) Anime manga movie (31) tutorials (31) Internet Tricks (25) Smart tricks (24) globe tattoo tricks (18) facebook cheats (14) free internet (14) mobile applications (14) Bussiness Programs (13) Hacking tools (13) For Windows (11) Affiliates (9) Smart broadband tricks (9) earn money (9) free text (9) mobile streaming (9) psp games (8) Wapmaster tools (7) Work at home (7) airtel tricks (7) hacking tricks (7) operamini handler (7) pc games (7) Cproxy acount generator (6) Cproxy disposable email (6) google tricks (6) mobile games (6) ninja saga cheats (6) openvpn tricks (6) Cproxy ip (5) ce-proxy (5) cproxy (5) faccebook hack (5) globe tatto tricks (5) pc sofware (5) DNS servers (4) Free movie (4) Globe streaming tricks (4) best ptc site (4) facebook hack (4) free calls (4) magic ip for globe (4) mmstricks (4) online games (4) virus tricks (4) Broadband unlocker (3) Free antivirus (3) Latest Gadget (3) List of Opera mini servers (3) Smart streaming tricks (3) Symbian Games (3) Xbox360 games (3) convert youtube video to mp3 (3) cproxy setup (3) facebook connect (3) global ip tricks (3) javascript (3) magic ip (3) psp cheats (3) ucweb handler (3) yahoo mail tricks (3) youtube tricks (3) Cgi proxy (2) DNS (2) Dot tricks for globe (2) Mobile anti virus (2) Php proxy (2) Source viewer beta (2) Sun Cellular Latest News (2) Tv live streaming (2) arethusa vpn tricks (2) chatroom for blogs or website (2) crack software (2) earn more smart/globe load (2) facebook friends (2) free text to all network (2) globe tattoo software (2) html symbols (2) javascript code (2) live streaming (2) online tools (2) opera mini tools (2) pc zone (2) registration keys (2) password cheaters (1) vpn tricks (1) worst pasword (1)

 
back to top