Pierluigi Paganini March 05, 2012

Everything started last week when has been announced that a laptop stolen from NASA during last year contained command codes used to control the International Space Station. The news is sensations as worrying, is it possible to store so sensible information without using any precaution like disk encryption. Are we discussing about an isolated case or is it practices to leave  unattended so precious data? Hundred of security policies, millions of words spent on security, critical infrastructure defense and institutions responsible for ensuring high levels of homeland security, this seems really useless.

This time the problem is related to a laptop but consider that dozens of devices were lost or stolen, that is the admission made to the Congress the space agency’s inspector general.

“The March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station,” NASA Inspector General Paul K. Martin said in written testimony .

The situation is alarming, we must consider the strategic importance of intellectual property exposed due to these accidents. We have repeatedly stressed the attention of foreign governments in strategic technology solutions in industries such as aerospace. In these areas it is extremely high the contribute in term of research and innovation made by new technologies that are introduced in later years used in the traditional sectors. Be able to steal this information means bridging a gap of technology and research for decades with disastrous consequences in economic terms. Substantial damage are counted also in terms of defense, the solutions are in fact first used in areas such as military, similar incidents in fact make vulnerable every country.

Consider that the estimates are only approximate and not knowing the true extent of the damage procured, in fact it is almost impossible to give real measure of the financial and technological impact. I personally think that the figure might be higher by two orders of magnitude.

Martin declared that in 2011 the agency was the target of 47 cyber attacks known as advanced persistent threats (APTs) surely made by group of expert hackers with deep knowledge of their target and of the information to search and steal, this is the proof that we are facing with cyber intelligence operations made by hostile governments. Martin admitted:

“the attackers had full functional control over these networks.”

He said that the attackers are able to gain full control on the systems of Nasa, this means that the hackers are able to operate freely exposing sensitive files or uploading hacking tools to steal user credentials and compromise the ordinary elaboration.

The situation is puzzling, what sense does it allocate investments of billions of dollars in aerospace research when the results of these efforts are within the reach of evil-minded hackers across the world?

Continuing with the internal investigation revealed a disarming scene, according to a report filed with the US House of Representatives last Wednesday none of the agency’s portable devices are encrypted. At least one of the stolen laptop containing algorithms to command and control the International Space Station.

The report notes that while around 54 percent of devices used government-wide are encrypted, only 1 percent of NASA’s devices are encrypted as of February 2012.

As can be imagined, the situation is extremely worrying and it is essential that any required actions are taken to address the cyber threats. Do not forget that NASA is one of the leading agencies in the world for Aeronautical and Space activities and it is therefore expected that its systems are the subject of innumerable attacks by hostile governments, by group of hacktivists , cyber criminals and hackers that want to test their skills against a strategic objective.

I personally think that the origin concern about these attacks is that due to cyber espionage, as occurred in the past for other aerospace agencies such as the Japanese one.
Mr Martin noted investigations had resulted in “arrests and convictions of foreign nationals in China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey, and Estonia”, everyone seems to be interested to the Nasa.

It is therefore essential that the defense capabilities of these systems that represent critical structures will grow in relation to the pressing cyber threats.

Pierluigi Paganini

UPDATE

After all this discussion I leave you with some thoughts … the site of NASA is a government site still open today, it is possible to walk down the directory structure. I understand that they are being reported to federal agencies like the FBI, which would seem little interested in it.
What is the real value that we give this information?