Stolen NASA laptop contained space station control codes

By on March 2, 2012, 11:53 AM

NASA inspector general Paul Martin testified before a House Science, Space and Technology subcommittee that a notebook stolen from the aeronautics company was unencrypted and contained codes to control the International Space Station. The system was one of 48 notebooks or mobile devices stolen from NASA over a two year period.

The notebook was reported stolen in March 2011 and resulted in the loss of algorithms used to command and control the International Space Station. Other stolen items have contained Social Security numbers and sensitive data on NASA’s Constellation and Orion programs.

The situation thickens as NASA can’t fully measure the amount of sensitive data compromised because the agency relies on employees to self-report data loss rather than maintaining and reviewing backups of said data. Even more alarming, as of February 1, 2012, only 1 percent of NASA portable devices / notebooks are encrypted.

The testimony was part of an extensive audit submitted to Congress earlier this week that highlights multiple IT-related issues. Martin notes that some NASA systems contain sensitive information which, if lost or stolen, could result in significant financial loss, adversely affect national security or significantly impair the nation’s competitive technological advantage.

NASA says they spend more than $1.5 billion annually on IT-related activities which includes approximately $58 million for IT security. Even so, a May 2010 audit found only 24 percent of computers on a mission network were monitored for critical software patches and only 62 percent were checked for technical vulnerabilities.




User Comments: 16

Got something to say? Post a comment
Chazz said:

So what is that 1.5 Billion going towards if their IT is that shitty?

Lurker101 said:

If you had the control codes, would it be possible to sit there for days messing around with the space station light switches, just to freak the astronauts out?

NeoFlux said:

Lurker101 said:

If you had the control codes, would it be possible to sit there for days messing around with the space station light switches, just to freak the astronauts out?

+100

Guest said:

damn nasa, just hire me and ud be more secure than these IT people made you. I'll have A+ certification soon. LOL

Tygerstrike said:

Its NASA. These are the same ppl who with Dino-Tech sent men to the moon. Cut them some slack. Im not saying that the lose of that type of sesitive info isnt important, Im just saying that LIFE happends. Sometimes good sometimes bad. So someone got codes and info. Without a stable and secure link to the ISS, not much can be done with the information. Someone may be able to sell the info, but NASA can just release the info and make it worthless.

NTAPRO NTAPRO said:

1 percent? Wtf

killeriii said:

Just need one more piece for my Moonraker plan...

lipe123 said:

Lurker101 said:

If you had the control codes, would it be possible to sit there for days messing around with the space station light switches, just to freak the astronauts out?

Oh no I'd totally make the PA system say the stuff HAL does!

Must say this is pretty shocking!

At least the US govmt walks the walk, they want everyones computer history open and available and they show us this great example of NASA being just that =P

Webmasteh Webmasteh said:

This is moronic, as well preplanned in which I support in full.

I support the NWO, and all things before and after.

TJGeezer said:

Too many bureaucrats, probably, and not enough techies. Budget cuts never hit the managers, just the people who used to get stuff like that taken care of before they got laid off.

On the positive side, it's a beautiful demonstration of why throwing $58 million at a system won't solve basic maintenance problems. I mean - really? Only 24% bother with software patches? If I were on the ISS, that revelation would make me nervous.

Guest said:

Did they send anyone to the Moon Really, :)

or was it a elaborate Hollywood stunt, :)

MrAnderson said:

She should be heck to pay for not at least having the laptop encrypted. That just shows how serious they are about security... and I mean the lives of the people up there. Hope they have a way to change the codes quickly in case of such a compromise.

Guest said:

Ok so lets begin to use this codes.."activatenukesilo" and see what happens...holy sh*t..wtf

Cota Cota said:

Anyway why would you carry information so important in any mobile device?

This is worst than that USB whit missile codes.. its not like 1234 was a strong password.

Guest said:

if NASA cant make a self destructing laptop that would just rip the HD to shreds at the push of a button then i don't know who can. jeeez Louise

Guest said:

funny, my email is more secure than NASA. go figure.

Really can't believe encrypting hard drives isn't a standard, a 2 min youtube clip shows you how to do it. lololol

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.