Chinese hackers took over NASA's Jet Propulsion Lab, Inspector General reveals

FOX ^ | 03/01/12 | FOXNEWS

[Doogle]

Chinese hackers gained control over NASA’s Jet Propulsion Laboratory (JPL) in November, which could have allowed them delete sensitive files, add user accounts to mission-critical systems, upload hacking tools, and more -- all at a central repository of U.S. space technology, according to a report released Wednesday afternoon by the Office of the Inspector General.

That report revealed scant details of an ongoing investigation into the incident against the Pasadena, Calif., lab, noting only that cyberattacks against the JPL involved Chinese-based Internet Protocol (IP) addresses.

Paul K. Martin, NASA’s inspector general, put his conclusions bluntly.

“The attackers had full functional control over these networks,” he wrote.

JPL is a jewel in NASA's space technology crown.

[Doogle]

obamaville

[Theoria]

Idiots. Complete idiots. There is no point even having JPL sensitive material even linked or accessed from the internet. You can’t protect a site from attacks, the best thing is not to put it online. Fools.

[brent13a]

You would think, in any company or agency that has ultra-sensitive information they would leave the most sensitive on a system that is completely cut off and sealed off from every other system. IE A server sitting in a room plugged in only to the power outlet.

But who said there is common sense in the government or corporate world? As we all know the so-called smartest people usually lack common sense.

[Don Corleone]

obamaville

It wouldn't surprise me to find out that this Marxist administration is funneling the code to them.

[DannyTN]

For the life of me, I don’t understand why sensitive technologies like this aren’t completely physically disconnected from the web.

[pfflier]

OK try this:

In Nov 2011 the Chinese hacked into JPL and could get anything they wanted.

In Dec of 2011 the US drone went down in Iran.

One of the key elements in hijacking the drone would have been interception of the up and downlink to satellites used to relay flight control information.

[who_would_fardels_bear]

1. Generate lots of useful data on a completely isolated computer system.

2. Filter out all of the sensitive stuff

3. Generate a report of the findings for non-secret consumption.

Now how to get it onto the main network for publishing and distribution. Could use a thumbdrive, but it could have a virus on it. Could do some sort of sneakernet, but what if you have dozens of such reports to create on a daily basis?

[brent13a]

I’m no IT security expert. All I know is to be secure from any/all internet hacking you need to be cut off from the internet altogether.

[Doogle]

http://oig.nasa.gov/orgCharts/inspector_general.html

[Bloody Sam Roberts]

Indeed. More proof that this unconscionable tool in the WH is doing his level best to sell this nation down the river and destroy it outright. He needs to be defeated in this election. Removed in disgrace would be better.

[Doogle]

bingo

[brent13a]

I would like to blame everything on BO and his goon squad but in all probability this was/is a systemic policy stemming from laziness and too much bureaucracy that started years ago.

[itsahoot]

I’m no IT security expert. All I know is to be secure from any/all internet hacking you need to be cut off from the internet altogether.

I saw some expert the other day say that there is a method whereby they can access you computer through the power lines, if they really want to.

[Bloody Sam Roberts]

Indeed you are correct. However, BO is the one who shut down our STS. He is the one who started the whole Muslim outreach program at NASA. He does things daily that weaken us and expose us to those who would gladly do harm to the USA.

[Doogle]

The security lapses include the loss or theft of 48 mobile computing devices between April 2009 and April 2011, "some of which resulted in the unauthorized release of sensitive data including export-controlled, Personally Identifiable Information (PII), and third-party intellectual property." "For example, the March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station," Martin wrote. "Other lost or stolen notebooks contained Social Security numbers and sensitive data on NASA's Constellation and Orion programs. Moreover, NASA cannot consistently measure the amount of sensitive data exposed when employee notebooks are lost or stolen because the agency relies on employees to self-report regarding the lost data rather than determining what was stored on the devices by reviewing backup files.

[brent13a]

I saw some expert the other day say that there is a method whereby they can access you computer through the power lines, if they really want to.

ok.

[Doogle]

the agency relies on employees to self-report regarding the lost data rather than determining what was stored on the devices by reviewing backup files.

..who's running security? Sandy Berger?

[Uri’el-2012]

Chinese hackers gained control over NASA’s Jet Propulsion Laboratory (JPL)

Windows on the net !

[veracious]

I’d like to agree to point at 0, but...

The sellout to China started long before 0! Period.

A very long list of Reps and Dems are bought and sold on the DC market daily. Just a portion of several score hundred billion dollars in USA wealth transferred to foreign nations, in the past 20-30 years. Technology and IP corporate and USG, slip sliding away, in front of your eye.

[Wuli]

locations/organizations with sensitive information should have internal networks that have NO physical, external network or internet capable connection and have no user-access points, local or remote that have external connections; even if it means certain people at these locations have more than one PC/terminal that they have to do their work on; and “sharing” sensitive information, even between authorized persons, should NOT be achieved using Internet connections, “secure” or otherwise.