HOT TOPICS >> Cloud computing | Cybersecurity | Gov 2.0 | Fiscal 2012 | Mobile | Transparency | GAO reports
AGENCY NEWS >> Defense | NASA | Homeland Security | NIST | OMB | Veterans Affairs | NARA | GSA
Latest News
Media Partner
Free Newsletter
FierceGovernmentIT tracks the latest technological developments in the U.S. government. Join more than 17,000 federal/state decision makers and IT executives who get FierceGovernmentIT via email. Sign up today!
About | View Sample | Privacy
Whitepapers
- Migrating enterprise digital communication to the Cloud
- The E-discovery Toolbox: What you should look for in a unified e-discovery solution
- Business Intelligence: It's All in the Data
- Innovative Solutions for Database and DBA Management
- Storage Consolidation: Best of Both Worlds
- The Top 4 Reasons Your Telecom Expense Management Provider Shouldn't Manage Your Wireless
GAO: NASA, we have a problem
The National Aeronautics and Space Administration (NASA) has an amazing record of sending men and women into space, but its work in cyberspace leaves much to be desired.
The Government Accountability Office, the watchdog agency of Congress, reported last week that NASA had 1,120 security incidents involving the installation of malicious software on its systems and unauthorized access to sensitive information in fiscal years 2007 and 2008. That included 839 malicious code attacks, more than any other government agency, and many may have come from foreign countries.
What's worse, NASA's systems remain vulnerable even though the agency has been trying to solve the problems, even going as far as to create its own security operations center last year.
"The control vulnerabilities and program shortfalls, which GAO identified, collectively increase the risk of unauthorized access to NASA's sensitive information, as well as inadvertent or deliberate disruption of its system operations and services," said the GAO. "They make it possible for intruders, as well as government and contractor employees, to bypass or disable computer access controls and undertake a wide variety of inappropriate or malicious acts. As a result, increased and unnecessary risk exists that sensitive information is subject to unauthorized disclosure, modification, and destruction and that mission operations could be disrupted."
For example, one NASA center reported the theft of a laptop containing 3,000 files of unencrypted International Traffic in Arms Regulations data. This included information for Hypersonic Wind Tunnel testing for the X-51 scramjet project and possibly personally identifiable information. Another center reported the theft of a laptop that held thermal models, review documentation, test plans, test reports, and requirements documents pertaining to NASA's Lunar Reconnaissance Orbiter and James Webb Space Telescope projects.
Clearly something is amiss at NASA. They surely need better firewalls and software on their systems to prevent attacks and theft of sensitive information, and they certainly need better on-the-ground controls over equipment like laptops.
For more on NASA's cyber problems:
- see this NetworkWorld article
Related Articles:
NASA brings space data online
Linda Cureton named NASA CIO
NASA plans to spend $2.4 billion on IT
NASA eyed for Fed cloud computing center
SHARE WITH:
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site Map
| EditorsTHE FIERCEMARKETS NETWORKFierceEnergy | FierceSmartGrid | FierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceHealthPayer | FiercePracticeManagement | FierceEMR | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceGovernment | FierceHomelandSecurity | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceMedicalDevices | FierceDrugDelivery | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceEnterpriseCommunications | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2011 FierceMarkets. All rights reserved. |
 |
