Even high-tech NASA isn’t impervious to hackers. The space agency reported to Congress this week that it had been hacked a total of 13 times last year, including one China-based attack that gained complete access and control of mission critical systems as well as employee accounts. The revelation comes as Congress debates two competing cyber-security bills to boost the government’s defenses against cyber attacks.
“Some NASA systems house sensitive information which, if lost or stolen, could result in significant financial loss, adversely affect national security, or significantly impair our nation’s competitive technological advantage,” said NASA’s inspector general, Paul Martin, in a testimony before the U.S. House Committee on Science, Space and Technology.
Martin revealed that of the $1.5 billion annual IT budget earmarked for cyber security, NASA spends only $58 million. He said that a November breach involved Chinese-based hackers that broke into NASA’s Jet Propulsion Laboratory and gained full system access and control. This allowed the intruders to modify, copy, or delete sensitive files, user accounts, credentials, and otherwise compromise NASA’s systems.
He detailed another attack last year where intruders stole the credentials of more than 150 employees. There was also an incident where an unencrypted NASA laptop was stolen. The laptop contained algorithms to command and control the International Space Station, sensitive data on NASA’s Constellation and Orion programs, as well as Social Security numbers.