Hackers had 'full functional control' of Nasa computers

International Space Station NASA said the loss of data did not affect the operations of the International Space Station

Related Stories

Hackers gained "full functional control" of key Nasa computers in 2011, the agency's inspector general has told US lawmakers.

Paul K Martin said hackers took over Jet Propulsion Laboratory (JPL) computers and "compromised the accounts of the most privileged JPL users".

He said the attack, involving Chinese IP addresses, was under investigation.

In a statement, Nasa said it had "made significant progress to protect the agency's IT systems".

Mr Martin's testimony on Nasa's cybersecurity was submitted to the House Committee on Science, Space and Technology's Subcommittee on Investigations and Oversight.

State of security

In the document, he outlined how investigators believed the attack had involved "Chinese-based internet protocol [IP] addresses".

He said that the attackers had "full system access" and would have been able to "modify, copy, or delete sensitive files" or "upload hacking tools to steal user credentials and compromise other Nasa systems".

Mr Martin outlined how the agency suffered "5,408 computer security incidents" between 2010 and 2011.

He also noted that "between April 2009 and April 2011, Nasa reported the loss or theft of 48 Agency mobile computing devices".

In one incident an unencrypted notebook computer was lost containing details of the algorithms - the mathematical models - used to control the International Space Station.

Nasa told the BBC that "at no point in time have operations of the International Space Station been in jeopardy due to a data breach".

Mixed motives

Mr Martin said Nasa was a "target-rich environment for cyber attacks".

He said that the motivation of the hackers ranged from "individuals testing their skill to break into Nasa systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services".

But while Mr Martin criticised aspects of Nasa's cybersecurity he noted investigations had resulted in "arrests and convictions of foreign nationals in China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey, and Estonia".

Nasa said it was working to implement the security improvements Mr Martin suggested in his testimony.

However the chairman of the congressional subcommittee, Rep Paul Broun, quoted in an online report of proceedings, said: "Despite this progress, the threat to Nasa's information security is persistent, and ever changing. Unless Nasa is able to constantly adapt - their data, systems, and operations will continue to be endangered."

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

  • photo of patient zero, two year-old Emile OuamounoPatient zero

    Tracking first Ebola victim and and how virus spread


  • A young Chinese girl looks at an image of BarbieBarbie's battle

    Can the doll make it in China at the second attempt?


  • Prosperi in the 1994 MdSLost in the desert

    How I drank urine and bat blood to survive in the Sahara


  • Afghan interpetersBlacklisted

    The Afghan interpreters left by the US to the mercy of the Taliban


  • Flooded homesNo respite

    Many hit by last winter's floods are struggling to pay soaring insurance bills


BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.