Hackers had 'full functional control' of Nasa computers

International Space Station NASA said the loss of data did not affect the operations of the International Space Station

Related Stories

Hackers gained "full functional control" of key Nasa computers in 2011, the agency's inspector general has told US lawmakers.

Paul K Martin said hackers took over Jet Propulsion Laboratory (JPL) computers and "compromised the accounts of the most privileged JPL users".

He said the attack, involving Chinese IP addresses, was under investigation.

In a statement, Nasa said it had "made significant progress to protect the agency's IT systems".

Mr Martin's testimony on Nasa's cybersecurity was submitted to the House Committee on Science, Space and Technology's Subcommittee on Investigations and Oversight.

State of security

In the document, he outlined how investigators believed the attack had involved "Chinese-based internet protocol [IP] addresses".

He said that the attackers had "full system access" and would have been able to "modify, copy, or delete sensitive files" or "upload hacking tools to steal user credentials and compromise other Nasa systems".

Mr Martin outlined how the agency suffered "5,408 computer security incidents" between 2010 and 2011.

He also noted that "between April 2009 and April 2011, Nasa reported the loss or theft of 48 Agency mobile computing devices".

In one incident an unencrypted notebook computer was lost containing details of the algorithms - the mathematical models - used to control the International Space Station.

Nasa told the BBC that "at no point in time have operations of the International Space Station been in jeopardy due to a data breach".

Mixed motives

Mr Martin said Nasa was a "target-rich environment for cyber attacks".

He said that the motivation of the hackers ranged from "individuals testing their skill to break into Nasa systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services".

But while Mr Martin criticised aspects of Nasa's cybersecurity he noted investigations had resulted in "arrests and convictions of foreign nationals in China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey, and Estonia".

Nasa said it was working to implement the security improvements Mr Martin suggested in his testimony.

However the chairman of the congressional subcommittee, Rep Paul Broun, quoted in an online report of proceedings, said: "Despite this progress, the threat to Nasa's information security is persistent, and ever changing. Unless Nasa is able to constantly adapt - their data, systems, and operations will continue to be endangered."

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

  • Shinji Mikamo's father's watchTime peace

    The story of the watch that survived Hiroshima


  • Northern League supporters at the party's annual meeting in 2011Padania?

    Eight places in Europe that also want independence


  • Elephant Diaries - BBCGoing wild

    Wildlife film-makers reveal the tricks of the trade


  • Hamas rally in the West Bank village of Yatta, 2006Hamas hopes

    Why the Palestinian group won't back down yet


  • A woman dining aloneTable for one

    The restaurants that love solo diners


BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.