NASA Systems At RiskFrom Hacking Attacks

It’ s not surprising really, when I learned that the recently retired NASA space shuttle was still using 5.25 ″ floppy drives – I suspected that much of the NASA IT architecture was
probably antiquated. Also the recent SCADA related security scare, indicated the industrial and large-scale systems probably aren ’ t the most secure around. Combine those two lines of reasoning
together and you get a fairly solid
conclusion that NASA networks
(especially those controlling old
equipment like shuttles) are probably
horribly insecure. An official audit of NASA ’ s network has concluded that the space agency
faces a high risk of cyberattack. Experts from the Office of the
Inspector General (OIG) paint a grim
picture of the state of the space
agency ’ s server infrastructure, warning that vulnerabilities in its
systems leave it open to defacement,
denial of service or information-
stealing attacks. In particular, six unnamed IT systems
were found to be at risk to attacks
that might allow hackers to seize
remote control of critical systems over
the net – which included systems that control spacecraft – as a result of unpatched software vulnerabilities.
The OIG’ s report (24-page PDF/703 KB, extract of conclusions below) also
warns that sensitive account
information is poorly protected and
wide open to extraction for any
attackers who make it past NASA ’ s perimeter defences. Add that to the fact that back in 2008 The International Space Station Was
Infected by a Virus and you should be fairly wary of NASA security. OIG recently provided this with a
recent security audit of the the server
infrastructure and networks at NASA,
the findings were not pretty. The full
report is available for download here: IG-11-017.pdf Obviously NASA claims all the
vulnerabilities found during the OIG
audit have been fixed, but what
about all the rest that haven ’ t been found yet? I sincerely hope they start
implementing a more holistic
approach to security rather than just
reactive patching. We found that computer servers on
NASA ’ s Agency-wide mission network had high-risk vulnerabilities
that were exploitable from the
internet. Specifically, six computer
servers associated with IT assets that
control spacecraft and contain critical
data had vulnerabilities that would allow a remote attacker to take
control of or render them unavailable. Moreover, once inside the Agency-
wide mission network, the attacker
could use the compromised
computers to exploit other
weaknesses we identified, a situation
that could severely degrade or cripple NASA ’ s operations. We also found network servers that revealed
encryption keys, encrypted
passwords, and user account
information to potential attackers.
These data are sensitive and provide
attackers additional ways to gain unauthorized access to NASA
networks. It is quite worrying as NASA has been
a fairly frequent victim of cyber-crime
and attacks, especially when it comes
to stealing data. Remember the whole Gary McKinnon case is because he hacked NASA. It was also suggested by an OIG audit
in May 2010 that they implement an
agency wide computer security
program, it seems that hasn’ t been done. Hopefully with this hitting the
mainstream media this time around,
something wil lget fixed.

Posted in: Hacking tools