We bid for some FISMA work at NASA so I thought I would share with everyone what NASA hasn’t been doing properly….You might think that out of all U.S. federal agencies, NASA would be among the top ranking in cybersecurity defense. But according to a report issued by the Government Accountability Office, the National Aeronautics and Space Administration has been hit with 1,120 security incidents in 2007 and 2008.
It seems at NASA, malware installations, data breaches, stolen laptops, and botnet infections are commonplace. Among the stolen information were unencrypted data on a prototype hypersonic jet and plans for a lunar orbiter space telescope. Some time ago, 82 NASA computers were found to be part of a Ukranian botnet and 86 computers were infected by the Zoneback Trojan.
Since then, NASA was told to plug up its security holes, but the new report by the GAO says NASA has not done enough. Apparently, it isn’t difficult for intruders to infiltrate NASA networks and steal, delete, or modify mission critical information.
As the report states, “NASA’s high profile and cutting edge technology makes the agency an attractive target for hackers seeking recognition, or for nation-state sponsored cyber spying.” NASA’s security gaps make the administration susceptible to stolen data by competing space programs or private sector networks who wish to gain a competitive advantage. At the same time, terrorist groups may use cyber attacks to disrupt or destroy NASA missions. Still, attacks could come from identity thieves who could access sensitive employee information on NASA’s nearly 20,000 employees.
I believe the security gaps at NASA put our national interests at risk and weaken the strategic technological advantage of the US. But, simply the existence of these security holes creates an embarrassing situation which may embolden hackers to increase their attacks on other government agencies. After all, if security is so poor at NASA then how much better could it be at crucial military organizations?
You must log in to post a comment.