[By Sudarshana Banerjee]

You know how it is.. you spend a hundred billion dollars in odd change, and a decade or so in a space station, and a notebook carrying algorithms to the command and control of the space station goes missing. In a recent hearing, NASA revealed some of its security glitches, and steps the agency is taking to maintain information security.

The Subcommittee on Investigations and Oversight of the Committee On Science, Space And Technology held a hearing to examine the state of information security at the National Aeronautics and Space Administration (NASA).  Witnesses discussed the details of recent NASA Office of the Inspector General (IG) reports concerning information security, the steps NASA is taking to address the recommendations contained in those reports, and future challenges to the Agency’s information security posture.

Paul Broun (Chairman, Subcommittee on Investigations and Oversight):  Many of the technologies developed and utilized by NASA are just as useful for military purposes as they are for civil space applications.  While our nation’s defense and intelligence communities guard the ‘front door’ and prevent network intrusions that could steal or corrupt sensitive information, NASA could essentially become an unlocked ‘back door’ without persistent vigilance.

NASA relies on information technology (IT) systems and networks to control spacecrafts like the International Space Station, conduct science missions using orbiting satellites like the Hubble Space Telescope, as well as for common institutional needs like email and data sharing. The threat of cyber attack to NASA satellite operations, mission support, and technology research is increasing in sophistication and frequency.

Paul Martin (Inspector General, NASA): Some NASA systems house sensitive information which, if lost or stolen, could result in significant financial loss, adversely affect national security, or significantly impair our Nation’s competitive technological advantage.

The March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station.

Chairman Broun cited the recently released U.S. China Economic and Security Review Commission report that noted that the Terra and Landsat-7 satellites “have each experienced at least two separate instances of interference apparently consistent with cyber activities against their command and control systems.”

Chairman Broun acknowledged that NASA has taken actions to adopt the recommendations included in the NASA IG report, but also said that more must be done.  “Despite this progress, the threat to NASA’s information security is persistent, and ever changing.  Unless NASA is able to constantly adapt – their data, systems, and operations will continue to be endangered.”

Ms. Linda Y. Cureton, chief information officer, and Paul K. Martin, Inspector General, NASA, testified before the Subcommittee.

[Image Courtesy: Committee On Science, Space And Technology]