NASA was breached no less than 13 times last year in attacks that saw hackers obtain information for mission-critical projects and employee credentials. Testifying before members of Congress, NASA Inspector General Paul Martin revealed the news after a recent string of threats against numerous federal agencies.
Reuters reports that NASA discovered hackers with an IP address based in China broke into the agency’s Jet Propulsion Laboratory network dating back to November. The laboratory is currently responsible for actively conducting 23 space missions, including missions to Jupiter, Mars and Saturn.
Martin revealed the hackers gained full system access, meaning sensitive files in the JPL network could be modified, copied or deleted. In addition, the breach allowed for hackers to upload tools that allowed them to steal user credentials and compromise other NASA systems.
This isn’t the first time NASA has been targeted, which Martin admitted had thousands of computer security lapses between 2010 and 2011. In fact, in a similar attack last year, trespassers pilfered important credentials for accessing NASA systems from over 150 employees. Martin also acknowledged that NASA has failed to encrypt or scramble data on laptops the agency uses, which can contain codes for controlling the International Space Station.
For an agency that’s responsible for the U.S. space program, aeronautics and aerospace research, you’d think someone would have gotten the situation under control by now. But apparently for NASA, something like Internet security really is rocket science.