Chinese hackers took over NASA's Jet Propulsion Lab

By Hum
in Science News & Discussion

 Share

Recommended Posts

Grand Master

Hum

Posted
Posted

Chinese hackers gained control over NASA?s Jet Propulsion Laboratory (JPL) in November, which could have allowed them delete sensitive files, add user accounts to mission-critical systems, upload hacking tools, and more -- all at a central repository of U.S. space technology, according to a report released Wednesday afternoon by the Office of the Inspector General.

That report revealed scant details of an ongoing investigation into the incident against the Pasadena, Calif., lab, noting only that cyberattacks against the JPL involved Chinese-based Internet Protocol (IP) addresses.

Paul K. Martin, NASA's inspector general, put his conclusions bluntly.

"The attackers had full functional control over these networks," he wrote.

Martin released written testimony about the attacks in the report "NASA Cybersecurity: An Examination of the Agency?s Information Security," presented to the House Science, Space and Technology Committee investigations panel on Wednesday. It details a host of security lapses and breaches of protocol at the space agency.

"In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorized access to its systems," his report states. "These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit."

more

Grand Master

Pink Floyd Veteran

Posted
  • Veteran
Posted

lol! I work for a chem producer and all our laptops are encrypted and we have a card to boot our laptop and enter passwords. No card, no booting. The funny thing is that We often say we have too many protections, as we do not work for the us gov hahah

Grand Master

+Nik Louch Subscriber²

Posted
  • Subscriber²
Posted
Chinese hackers, you mean the Chinese government.

No proof of that yet.

Why are these computers/networks connected to the friggin Internet?

Many systems are for many reasons, though primarily data exchange. The research is probably distributed. However, that is moot, because you can be connected and yet still secure as needs be.

Community Regular

Travelar

Posted
Posted

Wow... really? No data encryption on the laptop? This is sad...

Unfortunately, there was a memo issued in 2007 from the NASA CIO prohibiting the use of full-disk encryption until an Agency-wide solution could be procured and the infrastructure implemented. It hasn't happened yet... and the memo is still in effect.

http://www.nasa.gov/pdf/322748main_11_15_07-Data-at-Rest-Freeze.pdf

Grand Master

DocM

Posted
Posted

No proof of that yet.

Yet being the key word, and suspected - or at least some faction of it.

Remember: the Chinese space program is not civilian but is run by the People?s Liberation Army. If this is simply logistical control for a mainly civilian purpose, or fully operational control is still a matter of debate. Their internal statements are contradictory.

Grand Master

+chorpeac MVC

Posted
  • MVC
Posted

Unfortunately, there was a memo issued in 2007 from the NASA CIO prohibiting the use of full-disk encryption until an Agency-wide solution could be procured and the infrastructure implemented. It hasn't happened yet... and the memo is still in effect.

http://www.nasa.gov/...Rest-Freeze.pdf

Wow... :wacko:

Grand Master

Intersect

Posted
Posted

lol! I work for a chem producer and all our laptops are encrypted and we have a card to boot our laptop and enter passwords. No card, no booting. The funny thing is that We often say we have too many protections, as we do not work for the us gov hahah

i take its some type of pcmcia /express card that needs to be present for the laptops to boot, are you able to share more info about it

such as who makes it? sounds intresting.

Grand Master

DocM

Posted
Posted

So did they find any proof of aliens :rolleyes: :D

Just last December investigators tracked cyberattacks on 760 companies, US agencies & major contractors (including Lockheed Martin), organizations and research labs back to China. An attack by China on NASA would be no more surprising than a hooker dropping her drawers.

Grand Master

jimbo11883

Posted
Posted

i take its some type of pcmcia /express card that needs to be present for the laptops to boot, are you able to share more info about it

such as who makes it? sounds intresting.

Most likely a smart card, which can be as small as a phone SIM card or as big as a credit card. With a laptop, it's most likely the credit card variety.

Experienced

Wolfbane

Posted
Posted

Yet Gary McKinnon was traced and found. Surely the same can be done for others ? or is a cover up for a UFO more important to NASA than the Chinise playing with the toys. Maybe War Games was right.

Did you read the article?

"In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorized access to its systems,"

It would take a lot of time and money to catch every person who broke into their systems - a lot of time and money that NASA don't have to just throw away.

Grand Master

DocM

Posted
Posted

This has risen to a full blown national security issue because NASA has a lot of ITAR (export controlled) data - rocket, satellite etc. designs. Not to mention the intrusions into military and NASA contractors, infrastructure etc. Some intrusions are not Chinese, but the worst ones are and are from suspected military servers. Not good.

Grand Master

neoadorable

Posted
Posted

How do we know this was sanctioned by a government agency? And is it right to punish the scientists and engineers of their space program? Those guys are in it for the species just like the people in NASA. This is something for the two governments to sort out and make sure doesn't happen again. Gentle industrial espionage is par for the course and acceptable, we also do it. Brute intrusions and disruptions are not acceptable. But this should not stop cooperation, we need China in space, they have a lot to contribute.

Grand Master

DocM

Posted
Posted

How do we know this was sanctioned by a government agency? And is it right to punish the scientists and engineers of their space program? Those guys are in it for the species just like the people in NASA.

NASA is a civilian agency. China's space program is run by the Peoples Liberation Army. So far it looks like it was their servers.

This is something for the two governments to sort out and make sure doesn't happen again. Gentle industrial espionage is par for the course and acceptable, we also do it.

There were major national security secrets stolen - the kind that get you executed if done in person:. This goes beyond a little spying between friends; major systems of the F-22 fighter, military satellites, missile tech etc.

Brute intrusions and disruptions are not acceptable. But this should not stop cooperation, we need China in space, they have a lot to contribute.

Reagan said "Trust, but verify." we have not reached that point with the PLA yet, especially given their recent massive increases in the military procurement of offensive weapons. Enough so that Japan, S. Korea, the SE Asian countries and even India are taking major notice. Our radar turned on when they blinded a US military satellite with a laser a few years ago.

Proving this level of spending an innocent modernization is up to them now.

This topic is now closed to further replies.
 Share
Go to topic listing