An official audit of NASA's network has concluded that the space agency faces a high risk of cyberattack. Experts from the Office of the Inspector General (OIG) paint a grim picture of the state of the space agency's server infrastructure, warning that vulnerabilities in its systems leave it open to defacement, denial of service …
kinda reminds me
of the onion article....
But NASA is almost impregnable, isn't it?
I thought only evil, destructive, terrorist, psychopathic, genius hackers like McKinnon could get anywhere near it? Or is this another bunch of fucktards?
Can I be the first to say ...
They really ought to secure their systems. I mean, it's not rocket science.
What chance of a McKinnon conviction now?
So, if even the OIG says that a skiddie could take over a space mission by compromising a server in its report, some years are arch evil hacker Gary McKinnon started looking for UFO's on NASA's servers, how can they convict him?
Will an argument of "our servers were really secure then, but we compromised security recently" really wash?
Or is it a case that previously these servers were so wide open my granny could have penetrated them, and they are only marginally more secure now?
Actually I think this is a case when logic (political, security, technical) has gone to Mars. If most security is "Security Theatre", then NASA is definitely a comedy of errors.
The two are related HOW?
The number of vulnerabilities in a system has no bearing on the legality of attacking it. That's right up there with the "oh common, she was asking for it, just look at her" defense.
If your granny penetrated these systems, she would also be a criminal. As it is, your granny probably couldn't have penetrated these systems, as I'm sure she has the common sense to recognize that is is wrong and illegal.
Either a) he knowing broke the law, in which case he should pay for the crime, or b) he could not tell right from wrong, in which case he is criminally insane and needs to be separated from society for the mutual protection of both.
call me thick - but surely mission critical systems aren't connected directly to t'interwebs???? I know my mission critical servers certainly aren't.
Perhaps I should get a job as a security consultant for NASA?
Daily Mail moment
"which included systems that control spacecraft" != "six computer servers associated with IT assets that control spacecraft"
Couldn't they simply turn it off
"Agency-wide mission" = what mission?
They aren't doing space flights, they haven't been launching commercial or military sats since challenger and the science projects are built by universities.
If you stop the bits that are just a tax-payer funded R+D write off for Boeing and the bits that are a back-hander (sorry strategic investment) in the other California aerospace companies then all you have left is two theme parks - and you can get Disney to run those.
No U.S. deathrays?
"... they haven't been launching commercial or military sats since challenger..."
What, no U.S. secret microwave / laser / whatever DeathRaySatellites(TM) after all? Darn.
Well, on the bright side, at least if they don't exist, the hackers can't take them over and roast some unauthorized target cities just because they can.
Let's hope that whoever *does* have neat toys like that (must be *someone*, surely), has a better handle on security.
P.S. - these various nations probably have more toys up there than they care to admit to. And if they don't, they should - it's just a matter of time, and as usual, the player with the best toys, wins.