collapse

Author Topic: Hacking NASA - A New International Sport  (Read 12500 times)

Offline Pimander

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4994
  • Gold 368
Hacking NASA - A New International Sport
« on: November 16, 2011, 01:41:37 pm »
It looks as though NASA still have IT security issues.

Quote
A 26-year old Romanian hacker has been arrested for damaging computer systems at NASA, according to a release from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT). Robert Butyka is charged with breaking into an unspecified number of servers at NASA starting in December of 2010.
SOURCE

Earlier in the year another hacker also demonstrated the vulnerability of the systems.

Quote
NASA has become something of a reputation-building target for Romanian hackers. In an unrelated security breach in May of this year, another Romanian hacker claimed to have stolen classified satellite data from servers at NASA's Goddard Space Flight Center. That hacker, who calls himself TinKode, posted screen shots from an FTP server related to NASA's SERVIR Earth observation program, which provides data to relief agencies and other humanitarian organizations.

And in 2008, another Romanian, Victor Faur, was convicted in Romania of hacking NASA and US Navy sites in 2005 and 2006. He avoided jail time, but was fined $238,000 to compensate the US for damages.
SOURCE
« Last Edit: March 05, 2012, 02:12:00 am by zorgon »

Offline spacemaverick

  • The Roundtable
  • Hero Member
  • *****
  • Posts: 1781
  • Gold 373
  • A fantastic journey begins with curiosity
Re: Hacking NASA - A New International Sport
« Reply #1 on: November 20, 2011, 08:47:17 pm »
It really gives you confidence that NASA or any part of the rest of government computers and computer networks are very secure, NOT!

One of the things that our government has not learned is that they have not learned from history ala Gary McKinnon.
From the past into the future any way I can...Educating...informing....guiding.

Offline starwarp2000

  • Ollam Fodhla
  • Pegasus Alternate Energy Team
  • Sr. Member
  • *****
  • Posts: 811
  • Gold 151
  • Omnes Tuum Bases
Re: Hacking NASA - A New International Sport
« Reply #2 on: November 21, 2011, 09:14:16 pm »
Gary McKinnon, when he was on the NASA computer, said he did a Netstat, and that there were 'others' connected to the same network from countries such as Turkey, Eastern Europe etc. etc.
He used the old, blank Administrator Password hack, to gain access, and said that they distribute a Master image to 5,000 computers. This is common practice in large Corporations.
Every yearly audit of the Defence Systems Computers gives a bleaker and bleaker picture.
While on the NASA computer he could access other .mil computers on other networks because of the familiarity clause. You have to be a .mil to access other .mil computers, and if you are a .mil you are trusted.

Makes you wonder if they really care about security or it is a 'Honey Pot' set up to catch those who would dare attempt to hack their networks  ;D
Sit down before fact like a small child, and be prepared to give up every preconceived notion, follow humbly wherever and to whatever abyss nature lead, or you will learn nothing. —T. H. Huxley

Offline Ocker

  • Regular Members
  • *
  • Posts: 24
  • Gold 6
  • Grinning
Re: Hacking NASA - A New International Sport
« Reply #3 on: March 02, 2012, 04:38:30 pm »
I can only imagine what the hackers came across  8)  hope they share some of the more interesting finds with us soon.

Quote
Paul K Martin said hackers took over Jet Propulsion Laboratory (JPL) computers and "compromised the accounts of the most privileged JPL users".

He said the attack, involving Chinese IP addresses, was under investigation.

In a statement, Nasa said it had "made significant progress to protect the agency's IT systems".

Mr Martin's testimony on Nasa's cybersecurity was submitted to the House Committee on Science, Space and Technology's Subcommittee on Investigations and Oversight.

I wonder how long this went on for before the alarm bells rang. :o

Quote
State of security

In the document, he outlined how investigators believed the attack had involved "Chinese-based internet protocol [IP] addresses".

He said that the attackers had "full system access" and would have been able to "modify, copy, or delete sensitive files" or "upload hacking tools to steal user credentials and compromise other Nasa systems".

Mr Martin outlined how the agency suffered "5,408 computer security incidents" between 2010 and 2011.

He also noted that "between April 2009 and April 2011, Nasa reported the loss or theft of 48 Agency mobile computing devices".

In one incident an unencrypted notebook computer was lost containing details of the algorithms - the mathematical models - used to control the International Space Station.

Nasa told the BBC that "at no point in time have operations of the International Space Station been in jeopardy due to a data breach".

WTF

continue reading here
http://www.bbc.co.uk/news/technology-17231695
Conformity is the jailer of freedom Rebellion is the time for change

Offline WeekendWarrior

  • Fight for truth, fight against suppression of information!
  • Jr. Member
  • **
  • Posts: 104
  • Gold 7
  • I hate cold..
Re: Hacking NASA - A New International Sport
« Reply #4 on: March 02, 2012, 06:30:22 pm »
   Good job! I hope they will make it public if theres anything that we should know..

Offline Amaterasu

  • The Roundtable
  • Hero Member
  • *****
  • Posts: 6713
  • Gold 276
  • Information Will Free Us
    • T.A.P. - You're It
Re: Hacking NASA - A New International Sport
« Reply #5 on: March 02, 2012, 06:31:39 pm »
Yeah, that makes no sense!  Codes on a computer disappearing but no operations in jeopardy?

Huh?

But what else can NASA say?  "Uh oh.  We're in BIG trouble?"
"If the universe is made of mostly Dark Energy...can We use it to run Our cars?"

"If You want peace, take the profit out of war."

Offline starwarp2000

  • Ollam Fodhla
  • Pegasus Alternate Energy Team
  • Sr. Member
  • *****
  • Posts: 811
  • Gold 151
  • Omnes Tuum Bases
Re: Hacking NASA - A New International Sport
« Reply #6 on: March 02, 2012, 07:56:46 pm »
NASA says laptop with space station control codes was stolen:

Quote
A stolen US space agency laptop containing codes that control the International Space Station did not put the orbiting lab in peril, a NASA spokesman said on Friday.

The unencrypted notebook computer went missing in March 2011 and "resulted in the loss of the algorithms used to command and control the International Space Station", NASA Inspector General Paul Martin told lawmakers this week.

But the US space agency insisted that international astronauts were never at risk aboard the research outpost.
Advertisement: Story continues below

"NASA takes the issue of IT security very seriously, and at no point in time have operations of the International Space Station been in jeopardy due to a data breach," spokesman Trent Perrotto said.

The theft was alerted to Congress on Wednesday along with 5408 computer security "incidents" that resulted in unauthorised access to NASA systems or installation of malicious software in the past two years, Martin said.

Perpetrators are suspected to include small-time hackers, organised criminal networks and foreign intelligence services.

The attacks affected thousands of NASA computers and cost the agency more than seven million US dollars in 2010 and 2011, he said.

Over the past few years, investigations have resulted in the arrests and convictions of hackers from China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey, and Estonia, he said.

One cyber attack still under investigation happened in November 2011, when NASA's Jet Propulsion Laboratory (JPL) in California reported "suspicious network activity involving Chinese-based IP addresses", he said.

"Our review disclosed that the intruders had compromised the accounts of the most privileged JPL users, giving the intruders access to most of JPL's networks," he added in testimony to the House Science, Space and Technology subcommittee.

"In other words, the attackers had full functional control over these networks."

To better guard against such attacks, "NASA needs to improve agency-wide oversight of the full range of its IT assets," and must encrypt more of its mobile and laptop devices, of which just one per cent are currently encrypted, he said.

Until then, NASA "will continue to be at risk for security incidents that can have a severe adverse effect on Agency operations and assets".

NASA's spokesman said in response that the space agency is in the process of implementing his recommendations and has made "significant progress to better protect the agency's IT systems".
http://www.smh.com.au/technology/sci-tech/nasa-says-laptop-with-space-station-control-codes-was-stolen-20120303-1u9b5.html#ixzz1o1QrnBDO

Could NASA security be anymore lax?
Is it just because they don't have any money or are they stupid?

If you cant secure systems.... take them offline..... simple!  8)
Sit down before fact like a small child, and be prepared to give up every preconceived notion, follow humbly wherever and to whatever abyss nature lead, or you will learn nothing. —T. H. Huxley

Offline zorgon

  • Administrator
  • Hero Member
  • *****
  • Posts: 21309
  • Gold 903
Re: Hacking NASA - A New International Sport
« Reply #7 on: March 04, 2012, 06:15:14 pm »
Hacking NASA - A New International Sport

Well we all remember Gary McKinnon's infamous and useless hack attack of NASA for which he still hasn't been extradited for :P

You would THINK the Bozo's at NASA would have smartened up  but no....

Stolen NASA Laptop Contained Space Station Control Codes
And no encryption for supervillains to crack
By Brid-Aine Parnell • Get more from this author
Posted in Enterprise Security, 1st March 2012 13:21 GMT




Quote
A NASA laptop stolen last year had not been encrypted, despite containing codes used to control and command the International Space Station, the agency's inspector general told a US House committee.

NASA IG Paul Martin said in written testimony (PDF) to the House Committee on Science, Space and Technology that a laptop was stolen in March 2011, which "resulted in the loss of the algorithms used to command and control the ISS".

Martin also admitted that 48 different agency laptops or mobile devices had been lost or stolen between April 2009 and April 2011 (that NASA knows of). The kit contained sensitive data including third-party intellectual property and social security numbers as well as data on NASA's Constellation and Orion programmes.

The actual number of missing machines could be much higher, because the agency relied on staff to 'fess up when their notebooks were lost or stolen and admit what information was on them.

Okay so Gary's hack was 2001 and this is 2012 and the spokes person fr NASA says;

Quote
"Until NASA fully implements an agency-wide data encryption solution, sensitive data on its mobile computing and portable data storage devices will remain at high risk for loss or theft," Martin told the Subcommittee on Investigations and Oversight.

Stolen NASA laptop had Space Station control codes - The Register

NASA Cybersecurity: An Examination of the Agency’s Information Security - [PDF][Arhived]

NASA Space Station Codes Were On Stolen Laptop, Inspector General Paul K. Martin Says - The Huffington Post

Offline zorgon

  • Administrator
  • Hero Member
  • *****
  • Posts: 21309
  • Gold 903
Re: Hacking NASA - A New International Sport
« Reply #8 on: March 04, 2012, 06:18:24 pm »
And that's not all....

NASA Computer Hacked, Satellite Data Accessed
17 May 2011 | 06:40 PM ET | Matt Liebowitz, SecurityNewsDaily Staff Writer



A hacker claims to have breached a NASA server.
CREDIT: Boeing.


Quote
A Romanian hacker claims to have breached a computer server at NASA's Goddard Space Flight Center and gained access to confidential satellite data.

The hacker, who calls himself TinKode, took to Twitter shortly before noon today (May 17) to boast: "NASA Goddard Space Flight Center — (Hacked) 1 Server Access."

On his blog, TinKode posted a screen grab of what he said was a Goddard Space Flight Center FTP server. The screen shot shows files that appear to be connected with NASA's SERVIR program, which uses satellite data to aid in disaster relief, health risk assessments, and climate change and biodiversity issues, wrote Paul Roberts from the security firm Kaspersky Lab.

Rob Gutro, deputy news chief at the spaceflight center, located in Greenbelt, Md., confirmed "there was a breach in the NASA Goddard FTP site" but said it actually took place in April.

"The necessary steps were taken to protect the infrastructure at that time," Gutro told SecurityNewsDaily, adding, "NASA doesn't discuss the details of our IT security but remains vigilant to secure the security of our sites."

TinKode's announcement of his hack came just one day after the final launch of the NASA space shuttle Endeavour before its retirement, and one month to the day after TinKode allegedly hacked into the servers of the European Space Agency .

NASA Computer Hacked, Satellite Data Accessed - Security News

Offline zorgon

  • Administrator
  • Hero Member
  • *****
  • Posts: 21309
  • Gold 903
Re: Hacking NASA - A New International Sport
« Reply #9 on: March 04, 2012, 06:31:58 pm »
NASA confirms satellite hacks in Congressional advisory panel
By Lydia Leavitt posted Nov 2nd 2011 8:40AM




Quote
Acknowledging suspicions that two of NASA's earth observation satellites were hacked back in 2007 and 2008, the space agency has indeed confirmed "suspicious events" in a copy of an independent Congressional advisory panel on Chinese / US relations, obtained by Bloomberg News. NASA would not say whether the attacks were organized by the Chinese military as suspected, instead opting to assure the panel that no data was captured or manipulated and that they are working to establish an agency-wide space protection program. According to the report, hackers gained enough access to the Landsat-7 and Terra AM-1 earth mapping satellites to fully command the latter -- choosing not to act on it for unknown reasons. Probably because it'd take an actual rocket scientist in order to do so. Check out the source for more details.TMP
source: Bloomberg News

NASA confirms satellite hacks

NASA Confirms ‘Suspicious Events’ in Satellite Hacking Report - TMP Lab


Chinese Military Suspected in Hacker Attacks on U.S. Satellites

Quote
Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission.

The intrusions on the satellites, used for earth climate and terrain observation, underscore the potential danger posed by hackers, according to excerpts from the final draft of the annual report by the U.S.-China Economic and Security Review Commission. The report is scheduled to be released next month.

“Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions,” according to the draft. “Access to a satellite‘s controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission.”

Chinese Military Suspected in Hacker Attacks on U.S. Satellites - Bloomberg News

Offline zorgon

  • Administrator
  • Hero Member
  • *****
  • Posts: 21309
  • Gold 903
Re: Hacking NASA - A New International Sport
« Reply #10 on: March 04, 2012, 06:52:37 pm »
NASA says it was hacked 13 times last year



Quote
Fri Mar 2, 2012 2:00pm EST

(Reuters) - NASA said hackers broke into its computer systems 13 times last year, stealing employee credentials and gaining access to mission-critical projects in breaches that could compromise U.S. national security.

The National Aeronautics and Space Administration spends only $58 million of its $1.5 billion annual IT budget on cyber security, Paul Martin, the agency's inspector general, told a Congressional panel on NASA security earlier this week.

"Some NASA systems house sensitive information which, if lost or stolen, could result in significant financial loss, adversely affect national security, or significantly impair our nation's competitive technological advantage," Martin said in testimony before the U.S. House Committee on Science, Space and Technology, released on Wednesday. (bit.ly/yQFSB8)

He said the agency discovered in November that hackers working through a Chinese-based IP address broke into the network of NASA's Jet Propulsion Laboratory.

He said they gained full system access, which allowed them to modify, copy, or delete sensitive files, create user accounts for mission-critical JPL systems and upload hacking tools to steal user credentials and compromise other NASA systems. They were also able to modify system logs to conceal their actions, he said.

"Our review disclosed that the intruders had compromised the accounts of the most privileged JPL users, giving the intruders access to most of JPL's networks," he said.

In another attack last year, intruders stole credentials for accessing NASA systems from more than 150 employees.

Martin said the agency has moved too slowly to encrypt or scramble the data on its laptop computers to protect information from falling into the wrong hands.

Unencrypted notebook computers that have been lost or stolen include ones containing codes for controlling the International Space Station as well as sensitive data on NASA's Constellation and Orion programs and Social Security numbers, Martin said.

(Reporting By Jim Finkle; editing by Gunna Dickson)

NASA says it was hacked 13 times last year - Reuters News

Offline zorgon

  • Administrator
  • Hero Member
  • *****
  • Posts: 21309
  • Gold 903
Re: Hacking NASA - A New International Sport
« Reply #11 on: March 04, 2012, 06:55:46 pm »
Revealed: Chinese Hackers Broke Into NASA & Controlled Jet Propulsion Lab
Posted on March 2, 2012 at 10:07am by Liz Klimas Liz Klimas


Aerial of JPL in Los Angeles. (Photo: NASA)

Quote
On Thursday, NASA’s inspector general released a report revealing that between 2010 and 2011, the agency had more than 5,000 computer security incidents. An ongoing investigation has revealed that one such attack was on its Jet Propulsion Lab by Chinese hackers, according to Fox News.

Fox News has more on the lab attack, which it describes as a “jewel in NASA’s space technology crown:”

    That report revealed scant details of an ongoing investigation into the incident against the Pasadena, Calif., lab, noting only that cyberattacks against the JPL involved Chinese-based Internet Protocol (IP) addresses.

    Paul K. Martin, NASA’s inspector general, put his conclusions bluntly.

    “The attackers had full functional control over these networks,” he wrote.

Revealed: Chinese Hackers Broke Into NASA - The Blaze

Offline zorgon

  • Administrator
  • Hero Member
  • *****
  • Posts: 21309
  • Gold 903
Re: Hacking NASA - A New International Sport
« Reply #12 on: March 04, 2012, 06:58:18 pm »
Chinese hackers took over NASA's Jet Propulsion Lab, Inspector General reveals
Published March 01, 2012 FoxNews.com


An artist's conception of NASA's next Martian rover, called Curiosity, one of many U.S. missions to the Red Planet run by the Jet Propulsion Lab. (NASA/JPL)

Quote
Chinese hackers gained control over NASA’s Jet Propulsion Laboratory (JPL) in November, which could have allowed them delete sensitive files, add user accounts to mission-critical systems, upload hacking tools, and more -- all at a central repository of U.S. space technology, according to a report released Wednesday afternoon by the Office of the Inspector General.

That report revealed scant details of an ongoing investigation into the incident against the Pasadena, Calif., lab, noting only that cyberattacks against the JPL involved Chinese-based Internet Protocol (IP) addresses.

Paul K. Martin, NASA's inspector general, put his conclusions bluntly.

"The attackers had full functional control over these networks," he wrote.

JPL is a jewel in NASA's space technology crown.

Chinese hackers took over NASA's Jet Propulsion Lab - Fox News

Offline zorgon

  • Administrator
  • Hero Member
  • *****
  • Posts: 21309
  • Gold 903
Re: Hacking NASA - A New International Sport
« Reply #13 on: March 04, 2012, 07:02:14 pm »
Hacker High: 10 Stories of Teenage Hackers Getting into the System
By IT Security Editors

Quote
c0mrade — Miami

In 2000, a 16-year-old from Miami known on the Internet as "c0mrade" became the first juvenile to go to jail on federal computer-crime charges for hacking into NASA. The boy admitted to attacking a military computer network used by the DTRA (Defense Threat Reduction Agency) from Aug. 23, 1999 to Oct. 27, 1999. The youth installed a backdoor access on a server that intercepted more than 3,300 electronic messages to and from DTRA staff. The backdoor also accessed at least 19 usernames and passwords of DTRA employees, including at least 10 usernames and passwords on military computers. The unnamed juvenile was sentenced to six months in a detention facility.

Hacker High: 10 Stories of Teenage Hackers Getting into the System

Bunch more interesting non NASA hacks in that list, like the kid who had SWAT teams come to bust into peoples houses  :o

Offline Gigas

  • Hero Member
  • *****
  • Posts: 1285
  • Gold 90
  • This can't be real
    • An obscure place from my mind
Re: Hacking NASA - A New International Sport
« Reply #14 on: March 04, 2012, 07:20:51 pm »
In ongoing hacking or rather simply logging in a network honey pot, this just projects the system administrators are doing there work even though they leave systems wide open for script kiddies to poke around in.

Mckinnon peep show is so old the fools that left the door open should just say OK, lets move on. Mckinnon seems to be a political dog and pony show. Let say a little game the system plays with itself for others to say, see, they are doing something. Right, hanging the case out like some never ending made for TV show everyone has had enough of and wonder whats up with these numb nuts.

I say this honey pot Venus fly trap of network file fest is all for game show mentality and the real stuff is barricaded behind proxy servers fully encrypted of world.

Thats just me though......
Everyone loves me, till they're sick of me

 


Wal-Mart.com USA, LLC
affiliate_link
Free Click Tracking
Wal-Mart.com USA, LLC
Official John Lear Tin Foil Hat $19.99

* Recent Posts

Re: kits to feed your family for a year by Shasta56
[March 17, 2024, 12:40:48 pm]


Re: kits to feed your family for a year by space otter
[March 16, 2024, 08:45:27 pm]


Re: kits to feed your family for a year by Shasta56
[March 16, 2024, 07:24:38 pm]


Re: kits to feed your family for a year by space otter
[March 16, 2024, 10:41:21 am]


Re: Full Interview - Lance Corporal Jonathan Weygandt (1997) by RUSSO
[March 12, 2024, 07:22:56 pm]


Re: Full Interview - Lance Corporal Jonathan Weygandt (1997) by RUSSO
[March 09, 2024, 03:25:56 am]


Re: Full Interview - Lance Corporal Jonathan Weygandt (1997) by RUSSO
[March 09, 2024, 02:33:38 am]


Re: Music You Love by RUSSO
[March 09, 2024, 01:10:22 am]


Re: The Man Who Built UFOs For The CIA (Not Bob Lazar!) by RUSSO
[March 09, 2024, 12:14:14 am]


Re: Full Interview - Lance Corporal Jonathan Weygandt (1997) by RUSSO
[March 09, 2024, 12:08:46 am]


Re: A peculiar stone in DeForest by Canine
[March 03, 2024, 11:54:22 am]


Re: The Man Who Built UFOs For The CIA (Not Bob Lazar!) by kevin
[March 03, 2024, 11:30:06 am]


Re: The Man Who Built UFOs For The CIA (Not Bob Lazar!) by kevin
[March 03, 2024, 11:21:15 am]


Re: The Man Who Built UFOs For The CIA (Not Bob Lazar!) by kevin
[March 03, 2024, 11:16:05 am]


Re: Music You Love by RUSSO
[March 02, 2024, 07:58:09 pm]


Re: Full Interview - Lance Corporal Jonathan Weygandt (1997) by RUSSO
[March 02, 2024, 07:50:59 pm]


Re: The Man Who Built UFOs For The CIA (Not Bob Lazar!) by RUSSO
[March 02, 2024, 07:43:03 pm]


Re: The Man Who Built UFOs For The CIA (Not Bob Lazar!) by RUSSO
[March 02, 2024, 07:41:30 pm]


Re: The Man Who Built UFOs For The CIA (Not Bob Lazar!) by kevin
[March 01, 2024, 11:54:23 am]


Re: The Man Who Built UFOs For The CIA (Not Bob Lazar!) by kevin
[March 01, 2024, 11:34:15 am]