Friday, November 21, 2008

NASA v China

Yesterday Businessweek posted a fascinating and lengthy report titled Network Security Breaches Plague NASA. This part will sound familiar to many readers.

By early 1999 the volume of intrusions had grown so worrisome that Thomas J. Talleur, the most senior investigator specializing in cyber-security in the Inspector General's office at NASA, wrote a detailed "network intrusion threat advisory..."

Talleur, now 59, retired in December 1999, frustrated that his warnings weren't taken more seriously. Five months after his advisory was circulated internally, the Government Accountability Office, the investigative arm of Congress, released a public report reiterating in general terms Talleur's concerns about NASA security. But little changed, he says in an interview. "There were so many intrusions and hackers taking things we had on servers, I felt like the Dutch boy with his finger in the dike," he explains, sitting on the porch of his home near Savannah, Ga. On whether other countries are behind the intrusions, he says: "State-sponsored? God, it's been state-sponsored for 15 years!"


The article mentions China and the Russians.

Speaking of China, yesterday's story coincides with a press release on the Annual Report to Congress of the U.S.-China Economic and Security Review Commission titled U.S. – China commission cites Chinese cyber attacks, authoritarian rule, and trade violations as impediments to U.S. economic and national security interests.


Richard Bejtlich is teaching new classes in DC and Europe in 2009. Register by 1 Jan and 1 Feb, respectively, for the best rates.

2 comments:

jbmoore said...

Well, should we be surprised? We all knew NASA's management was a mess after Columbia burned up in 2003 and they ignored engineers' warnings again. Cyber threats are somewhere down the list when you lose a billion-dollar shuttle and crew. IP, what's that? The article also fails to mention the issue of who is responsible for what. Contractor systems were exploited. Is NASA responsible for the security of those systems or the contractors such as Boeing or Lockheed Martin? If the latter, then the article was assigning blame to the wrong entity.

You had postings about Shawn Carpenter and his problems with Lockheed Martin while at Sandia National Labs. Lockheed Martin also runs satellite operations. They lost a Mars probe because they didn't use metric to English conversions. It is possible that the Maryland operations center was either run by Lockheed or contracted out to Lockheed for NASA. How can NASA keep track of other people's systems and networks? I am not absolving NASA of blame, just pointing out that they might not have considered network and information security as a necessity when they signed contracts with Boeing and Lockheed Martin.

I just did a search for network security jobs and NASA on the federal jobs web site. Nada, zilch. The government still seems more concerned with physical security rather than network security. My guess is that it is because the people in charge don't know anything about networked computer systems. There was an interesting interview with Michael Rosenblum on CSPAN last week where he talked about Hillary Clinton and her advisors not knowing about YouTube. This illustrates more than anything the disconnect between our so-called leaders and the world we live in. They, both Hillary and NASA management, live in an insulated world of power and politics while the technological world passes them by and renders their world somewhat useless because they will not make decisions fast enough or don't know what the correct decision is due to ignorance. (The same could be said for the U.S. automakers. They are being rendered obsolete by technology and events, but their demise is of their own making. The Japanese automakers already make hybrid cars.) Microsoft discovered this with the court system and ran amuck for some time. The hackers are the same. They are emulating Microsoft to an extent.

But what of the network security community? We knew of McColo's activities for some time and dithered because of fear of legal retribution. Then came Brian Krebs from The Washington Post, who called McColo's peers and got them shut down. All it took was one man and a few phone calls.

Richard said...

I guess the same things happened in China and Russia, more or less, but it should be very similar. So I think there is no reason you can regard the threats from China and Russia as greater than those to them from the USA.