tech:

taffy

How NASA Lost International Space Station Command Codes

[By Sudarshana Banerjee]

You know how it is.. you spend a hundred billion dollars in odd change, and a decade or so in a space station, and a notebook carrying algorithms to the command and control of the space station goes missing. In a recent hearing, NASA revealed some of its security glitches, and steps the agency is taking to maintain information security.

The Subcommittee on Investigations and Oversight of the Committee On Science, Space And Technology held a hearing to examine the state of information security at the National Aeronautics and Space Administration (NASA).  Witnesses discussed the details of recent NASA Office of the Inspector General (IG) reports concerning information security, the steps NASA is taking to address the recommendations contained in those reports, and future challenges to the Agency’s information security posture.

Paul Broun (Chairman, Subcommittee on Investigations and Oversight):  Many of the technologies developed and utilized by NASA are just as useful for military purposes as they are for civil space applications.  While our nation’s defense and intelligence communities guard the ‘front door’ and prevent network intrusions that could steal or corrupt sensitive information, NASA could essentially become an unlocked ‘back door’ without persistent vigilance.

NASA relies on information technology (IT) systems and networks to control spacecrafts like the International Space Station, conduct science missions using orbiting satellites like the Hubble Space Telescope, as well as for common institutional needs like email and data sharing. The threat of cyber attack to NASA satellite operations, mission support, and technology research is increasing in sophistication and frequency.

Paul Martin (Inspector General, NASA): Some NASA systems house sensitive information which, if lost or stolen, could result in significant financial loss, adversely affect national security, or significantly impair our Nation’s competitive technological advantage.

The March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station.

Chairman Broun cited the recently released U.S. China Economic and Security Review Commission report that noted that the Terra and Landsat-7 satellites “have each experienced at least two separate instances of interference apparently consistent with cyber activities against their command and control systems.”

Chairman Broun acknowledged that NASA has taken actions to adopt the recommendations included in the NASA IG report, but also said that more must be done.  “Despite this progress, the threat to NASA’s information security is persistent, and ever changing.  Unless NASA is able to constantly adapt – their data, systems, and operations will continue to be endangered.”

Ms. Linda Y. Cureton, chief information officer, and Paul K. Martin, Inspector General, NASA, testified before the Subcommittee.

[Image Courtesy: Committee On Science, Space And Technology]

Just in

How Elon Musk’s X became the global right’s supercharged front page — The Guardian

Every week, the platform seems to supercharge a news issue that comes to dominate conservative discourse – and often mainstream discourse, as well – with real political repercussions; writes J Oliver Conroy.

Court strikes down US net neutrality rules — BBC

A US court has rejected the Biden administration's bid to restore "net neutrality" rules, finding that the federal government does not have the authority to regulate internet providers like utilities; writes Natalie Sherman. 

Meta scrambles to delete its own AI accounts after backlash intensifies — CNN

Meta promptly deleted several of its own AI-generated accounts after human users began engaging with them and posting about the bots’ sloppy imagery and tendency to go off the rails and even lie in chats with humans; writes Allison Morrow. 

Apple agrees to $95 million settlement in Siri eavesdropping lawsuit — Gizmodo

Apple has agreed to pay $95 million to settle a long-running class action lawsuit that accused the company of illegally intercepting customers’ conversations through its Siri virtual assistant, writes Todd Feathers. 

The US Treasury Department was hacked — The Verge

The threat actor stole a key used by BeyondTrust “to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users, writes Emma Roth.