Report: Hackers Seized Control of Computers in NASA’s Jet Propulsion Lab

[InfoSec News <alerts () infosecnews org>]

http://www.wired.com/threatlevel/2012/03/jet-propulsion-lab-hacked/

By Kim Zetter
Threat Level
Wired.com
March 1, 2012

Hackers seized control of networks at NASA’s Jet Propulsion Laboratory 
last November, gaining the ability to install malware, delete or steal 
sensitive data, and hijack the accounts of users in order to gain their 
privileged access, according to a report from the National Aeronautics 
and Space Administration’s inspector general.

The breach, originating from Chinese-based IP addresses, allowed the 
intruders to compromise the accounts “of the most privileged JPL users,” 
giving them “full access to key JPL systems,” according to Inspector 
General Paul K. Martin in a report to Congress (.pdf).

The investigation of the breach is ongoing, but Martin says the 
intruders had the ability to modify sensitive files; modify or delete 
user accounts for mission-critical JPL systems; and alter system logs to 
conceal their actions.

“In other words, the attackers had full functional control over these 
networks,” Martin writes.

But this wasn’t the only breach NASA experienced. In 2010 and 2011, the 
agency had 5,408 computer security incidents that resulted in the 
installation of malicious software and the theft of export-controlled 
and otherwise sensitive data, with an estimated cost to NASA of more 
than $7 million. Some of the breaches “may have been sponsored by 
foreign intelligence services seeking to further their countries’ 
objectives,” Martin writes.

[...]

______________________________________________________________________________
CISSP and CEH training with Expanding Security is the fastest, easiest way
to grock the relevant data you need now.   A free class invite is in every
PainPill.  Sign up for the free weekly PainPill.  It's that easy.
http://www.expandingsecurity.com/PainPill