The latest comes from the Japan Aerospace Exploration Agency (JAXA), which has found a computer virus slurping up data from a desktop computer at the Tsukuba Space Center about one of its newest rockets. Command & Control proved to be external, the New York Times reported. The Epsilon solid-fuel rocket will launch next fall for the first time, and is being developed to launch satellite and space probes, as well as serve an ancillary function for military use as intercontinental ballistic missiles. Worryingly, it can be remotely controlled by a personal computer, the Times noted.
Sophos researcher Lisa Vaas pointed out in her blog that that JAXA is far from the only space agency-related target. There have been a string of space-related cyber-issues, including in November 2011, when a Romanian man was arrested for hacking into NASA servers, and in 2008, when a worm blasted off to the International Space Station, carried on a memory stick by an astronaut.
In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malware or unauthorized access to the space agency’s systems.
“Some of these intrusions have affected thousands of NASA computers, caused significant disruption to mission operations, and resulted in the theft of export-controlled and otherwise sensitive data, with an estimated cost to NASA of more than $7 million,” NASA Inspector General Paul Martin told the US Congress in February. He was testifying to lawmakers regarding last November’s breach of networks at NASA’s Jet Propulsion Laboratory (JPL) by Chinese-based hackers, who compromised the accounts of the “most privileged JPL users.”
“It's odd to think about rocket scientists muffing up the most elemental of security precautions, but there you have it: an employee clicks on an infected attachment, an astronaut plugs in a memory stick infected with creepy-crawlies, and then too, only last month an unencrypted NASA laptop was stolen when thieves broke into a car,” said Vaas.
When it comes to JAXA, the agency in January discovered a trojan on an employee's computer that may have compromised login credentials for a cargo shuttle that carries food and equipment to the International Space Station; and before that, in August 2011, it found malware that after an employee opened an infected email attachment.
“JAXA immediately snatched the computer offline and scrubbed it clean – or, at least, that's what the agency thought,” Vaas noted. “But the computer stayed quirky, with JAXA describing it as ‘unstable’ and prone to displaying ‘abnormalities.’"
JAXA engineers then found a second virus in January that has been active in stealing undisclosed information between July 6 and August 11. The agency took action and changed passwords, conducting an emergency sweep of the rest of the infrastructure to beef up security where needed. Now it appears that the efforts were not comprehensive enough.
“Full disk encryption, not clicking on unexpected email attachments, and scanning portable USB drives can go a long way toward avoiding data loss,” Vaas said. “It's not rocket science, but then again, after all, rocket scientists are just human.”