NASA said hackers stole employee credentials and gained access to mission-critical projects last year in 13 major network breaches that could compromise U.S. national security.
The space agency discovered in November that hackers working through an Internet Protocol address in China broke into the -network of NASAs Jet Propulsion Laboratory.
One of NASAs key labs, JPL manages 23 spacecraft conducting active space missions, including missions to Jupiter, Mars and Saturn. He said the hackers gained full system access, which allowed them to modify, copy, or delete sensitive files, create new user accounts and upload hacking tools to steal user credentials and compromise other NASA systems. They were also able to modify system logs to conceal their actions. ‘Our review disclosed that the intruders had compromised the accounts of the most privileged JPL users, giving the intruders access to most of JPLs networks.
In another attack last year, intruders stole credentials for accessing NASA systems from more than 150 employees. Martin said the his office identified thousands of computer security lapses at the agency in 2010 and 2011. He also said NASA has moved too slowly to encrypt or scramble the data on its laptop computers to protect information from falling into the wrong hands. Unencrypted notebook computers that have been lost or stolen include ones containing codes for controlling the International Space Station, as well as sensitive data on NASAs Constellation and Orion programs.