The National Aeronautics and Space Administration has revealed that a laptop stolen in 2011 contained command codes for controlling the International Space Station. NASA said the unencrypted computer went missing in March of last year and resulted in the loss of the algorithms used to command and control the ISS. The Huffington Post reports that NASA Inspector General Paul K. Martin made the revelation during his testimony before a Science, Space and Technology House subcommittee on Wednesday. However, despite Martin's admission, NASA has said that at no point in time was the ISS in jeopardy because of a data breach.
"NASA has made significant progress to better protect the agency's IT systems and is in the process of implementing the recommendations made by the NASA Inspector General in this area," NASA public affairs officer Trent Perrotto is quoted as telling SecurityNewsDaily.
Martin said on Wednesday that the laptop was one of 48 NASA notebooks or mobile devices stolen between April 2009 and April 2011. What's more, NASA was, in 2011, the target of 47 advanced persistent threats. Thirteen of these successfully compromised NASA computers.
"These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives," Martin is quoted by MSNBC as saying. MSNBC reports that the attacks are among more than 5000 attacks in 2010 and 2011 that saw unauthorized intrusions or malware planted on NASA systems and cost the agency roughly $7 million.
Martin said software vulnerabilities in NASA machines often go unpatched and only 1 percent of NASA mobile devices are encrypted. He said that until the space agency can implement an agency-wide encryption policy, data stored on mobile devices will remain at high risk.