NASA says it was hacked 13 times last year

Fri Mar 2, 2012 2:00pm EST

Tourists take pictures of a NASA sign at the Kennedy Space Center visitors complex in Cape Canaveral, Florida April 14, 2010.  REUTERS/Carlos Barria

Tourists take pictures of a NASA sign at the Kennedy Space Center visitors complex in Cape Canaveral, Florida April 14, 2010.

Credit: Reuters/Carlos Barria

Related Topics

(Reuters) - NASA said hackers broke into its computer systems 13 times last year, stealing employee credentials and gaining access to mission-critical projects in breaches that could compromise U.S. national security.

The National Aeronautics and Space Administration spends only $58 million of its $1.5 billion annual IT budget on cyber security, Paul Martin, the agency's inspector general, told a Congressional panel on NASA security earlier this week.

"Some NASA systems house sensitive information which, if lost or stolen, could result in significant financial loss, adversely affect national security, or significantly impair our nation's competitive technological advantage," Martin said in testimony before the U.S. House Committee on Science, Space and Technology, released on Wednesday. (bit.ly/yQFSB8)

He said the agency discovered in November that hackers working through a Chinese-based IP address broke into the network of NASA's Jet Propulsion Laboratory.

He said they gained full system access, which allowed them to modify, copy, or delete sensitive files, create user accounts for mission-critical JPL systems and upload hacking tools to steal user credentials and compromise other NASA systems. They were also able to modify system logs to conceal their actions, he said.

"Our review disclosed that the intruders had compromised the accounts of the most privileged JPL users, giving the intruders access to most of JPL's networks," he said.

In another attack last year, intruders stole credentials for accessing NASA systems from more than 150 employees.

Martin said the agency has moved too slowly to encrypt or scramble the data on its laptop computers to protect information from falling into the wrong hands.

Unencrypted notebook computers that have been lost or stolen include ones containing codes for controlling the International Space Station as well as sensitive data on NASA's Constellation and Orion programs and Social Security numbers, Martin said.

(Reporting By Jim Finkle; editing by Gunna Dickson)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (9)
jeffme wrote:
“Only” $58MM? Doesn’t 3.75% of an agency’s budget seem like quite a bit to spend on technology that doesn’t contribute to the advancement of the agency’s mission? What’s the point of this pejorative “only”? What’s an appropriate % to spend? Is there a flat $$ amount any agency should spend? Perhaps the real story here is how much money is being spent on partial solutions to a genuine economic threat?

Mar 02, 2012 2:33pm EST  --  Report as abuse
Maybe they need to get apple computers….

Mar 02, 2012 4:08pm EST  --  Report as abuse
Maybe they need to get apple computers….

Mar 02, 2012 4:08pm EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.