NASA is a gold mine of space-age secrets, so one might expect it to have an impenetrable security system. But the agency's inspector general, Paul Martin, last week told a House subcommittee of a litany of security breaches between 2009 and 2011, including a stolen laptop containing command and control codes for the International Space Station. "NASA's position as an agency for national edification of all things space makes it an especially porous and attractive target for hackers and thieves," says Heather McLellan at the Escapist. And "such a high volume of breaches is unacceptable for an agency like NASA." Here, a look at the unsettling losses, by the numbers:
NASA-owned notebooks and mobile devices stolen between 2009 and 2011
Stolen laptops containing security codes that control the International Space Station. The theft, however, "did not put the orbiting lab in peril," said a NASA spokesperson.
Cyber-security incidents in 2010 and 2011 that led to the installation of malware or resulted in unauthorized access to NASA's systems
Incidents classified as "advanced persistent threats" (APTs) — which are not only more sophisticated than regular attacks, but can result in the theft or modification of information without detection
APT attacks that successfully compromised NASA computers
Age of Romanian hacker "TinKode" (real name Razvan Manole Cernaiu), who successfully hacked into a computer at NASA's Goddard Space Flight Center in 2011 to test his "skills"
Computers in NASA's Atmospheric Infrared Sounder Program compromised by another Romanian hacker, 25-year old Robert Butkya, a.k.a "Iceman"
NASA losses from intrusions by "Iceman" alone
NASA's total losses resulting from cyber attacks in 2010 and 2011
Annual NASA expenditures for information technology security
Annual expense for information technology overall