NASA Hacked 5,400 Times? | TechSNAP 47

NASA Hacked 5,400 Times? | TechSNAP 47

NASA loses the keys to the International Space Station, Microsoft can’t figure out what day it is, and I laugh myself to tears over the lack of security at Stratfor

All that and more, on this week’s TechSNAP!

Thanks to: Use our codes TechSNAP10 to save 10% at checkout, or TechSNAP20 to save 20% on hosting!

Super special savings for TechSNAP viewers only. Get a .co domain for only $7.99 (regular $29.99, previously $17.99). Use the GoDaddy Promo Code cofeb8 before the end of March to secure your own .co domain name for the same price as a .com.

Private Registration use code: march8

Pick your code and save:
cofeb8: .co domain for $7.99
techsnap7: $7.99 .com
techsnap10: 10% off
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans



Direct Download Links:

HD Video | Large Video | Mobile Video | MP3 Audio | OGG Audio | YouTube

Subscribe via RSS and iTunes:

Show Notes:

NASA laptop stolen, contained control algorithms for the International Space Station

  • In 2010 and 2011 NASA reported 5,408 computer security incidents ranging from the installation of malware on a computer, through the theft of devices and cyber attacks suspected to be from foreign intelligence agencies.
  • 47 incidents were identified as Advance Persistent Threat attacks, and of these, 13 were successful in compromising the agency’s computer systems
  • In an example of such an incident, attackers from Chinese-based IP addresses gained full access to a number of key JPL systems giving them the ability to:
  • Modify, copy or delete sensitive files
  • Add, modify or delete user accounts for mission critical systems
  • Upload hacking tools (keyloggers, rootkits) to steal user credentials and thereby compromise other NASA systems
  • Modify or corrupt the system logs to conceal their actions
  • Some of the breaches have resulted in the unauthorized release of Personally Identifiable Information, the disclosure of sensitive export-controlled data and 3rd party intellectual property
  • Inspector General Testimony before Congress re: IT Security
  • Discovery News Coverage

Windows Azure suffers worldwide outage

  • The Microsoft Azure Cloud service was down for most of the day on February 29th
  • The Service Management system was down for over 9 hours
  • Azure Data Sync was down form 2012–02–29 08:00 through 2012–03–01 03:00 UTC
  • Microsoft says that the outage appears to have been caused by a leap year bug
  • “28 February, 2012 at 5:45 PM PST Windows Azure operations became aware of an issue impacting the compute service in a number of regions,”
  • “While final root cause analysis is in progress, this issue appears to be due to a time calculation that was incorrect for the leap year.”
  • Microsoft Azure Service Dashboard
  • The outage also effected the UK Government’s ‘G-Cloud’ CloudStore
  • TechWeek Europe Coverage
  • Slashdot Coverage – Outage Root Cause
  • PCWorld – Previous Microsoft problems with Leap Years

Wikileaks releases the data stolen in the StratFor compromise


Q: Robert Bishop Writes: Can I Secure my network with multiple NAT routers to isolate a system?

War Story:

This is a war story with a difference, as it didn’t involve some crazy user doing some bat shit crazy thing with their computer. It was simply a call to one of the tech support agents where the user wanted to know the following:

“What is the exact chemical composition of the battery in the Thinkpad 760 XD?”
“What are the recommended disposal procedures for said battery?”
“Can you tell me what would happen to the battery if it ruptured in a vacuum environment?”
“If the battery were to overheat, how volatile would the liquid effluent be?”

I doubt the user could have even gotten the questions out and taken a breath before the agent put them on hold and ran for help. The agent walked over to the second level support area rather than call as per procedure. After a good five minutes of talking, nobody could really answer the questions and worse, we couldn’t figure out what part of the company might actually have those answers.

As with all good tech support strategies we decided a two pronged approach – the agent would get back on with the user and stall for time while the rest of us would frantically hunt down any possible source of information that could help. We told the agent to ask why the user needed such detailed information and if it was a weak answer to push for a callback to buy even more time.

Some twenty minutes later the agent came back over to us with some interesting details on what was going on. It was all a misunderstanding. The user was supposed to call some private support number at IBM and not the public number. Our enterprising young agent did pull a fast one and offer to transfer the user to the number directly. The user provided the number and the agent promptly connected the call, then hit mute and stayed on the line. An American accent answered, the user responded and provided an account code upon request.

The tech on the private number acknowledged that the user was calling from NASA – Blackhawk Technologies Subsidiary. Apparently the shuttle program had 4 of those laptops on each mission – 1 primary and 3 redundant backups just in case. Suddenly the tricky questions all made sense. And eavesdropping can kill curiosity can never be a bad thing, right?

Round Up:

Question? Comments? Contact us here!