Global Security, Privacy, & Risk Management

(URGENT) NASA’s JPL “pwnd” (owned) by Chinese Hackers March 1, 2012

According to a report on Foxnews, Chines hackers took control of NASA’s Jet Propulsion Labratory in November, 2011.  According to a report issued by the Inspector General the hackers had sufficient control that it: “…could have allowed them delete sensitive files, add user accounts to mission-critical systems, upload hacking tools, and more”  He further stated that: “The attackers had full functional control over these networks,” The information was released in the report released on February 26th, 2012 titled (download here): “NASA Cybersecurity; An Examination of The Agency’s Information Security.”

The report further stated: “In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorized access to its systems,” … “These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit.”

This is yet another example of the sophistication of hackers.  It is not longer feasible to rely upon network or even application layer controls.  It is imperative that companies protect the proverbial crown jewels by encryption.  On that note (I have no relation to the company at all) one of my favorite encryption vendors is a company called Vormetric.  Check out their website here or visit their blog here.  XWMDG8UN4JGC