A laptop stolen from NASA last year was unencrypted and contained command and control codes for the International Space Station on it, the agency's inspector general told a House subcommittee Wednesday.
In his testimony before a House Science, Space and Technology subcommittee, NASA Inspector General Paul Martin said the notebook computer stolen in March 2011 "resulted in the loss of the algorithms" used to control the space station. This particular laptop, Martin said, was one of 48 NASA notebooks or mobile devices stolen between April 2009 and April 2011.
Some of these thefts resulted in the leak of sensitive data "including export-controlled, Personally Identifiable Information, and third-party intellectual property," as well as Social Security numbers and data on NASA's Constellation and Orion programs, Martin said. [NASA Computer Hacked, Satellite Data Accessed]
The actual number of stolen and compromised devices could be much higher because NASA relies on employees to self-report incidents.
In an email, NASA spokesman Trent Perrotto told SecurityNewsDaily that "at no point in time have operations of the International Space Station been in jeopardy due to a data breach."
"NASA has made significant progress to better protect the agency's IT systems and is in the process of implementing the recommendations made by the NASA Inspector General in this area," Perotto added.
In 2011, NASA, which Martin rightly called a "target-rich environment for cyberattacks," was the target of 47 advanced persistent threats, 13 of which successfully compromised NASA computers.