NASA IG Warns of “Catastrophic Adverse Effect” — Calls for Continuous Monitoring

An Audit Report by NASA’s Office of Inspector General found that “six computer servers associated with IT assets that control spacecraft and contain critical data had vulnerabilities that would allow a remote attacker to take control of or render them unavailable. Moreover, once inside the Agency-wide mission network, the attacker could use the compromised computers to exploit other weaknesses we identified, a situation that could severely degrade or cripple NASA’s operations.”

The IG report warned that “the Agency is vulnerable to computer incidents that could have a severe to catastrophic adverse effect on Agency assets, operations, or personnel.”

One the Report’s two recommendations was for NASA to  “Add as a security control continuous monitoring of their mission computer networks for Internet-accessible computers and take prompt action to mitigate identified risks.”

Attached below is the complete audit report.

NASA-IG-11-017

Leave a Reply


3 + = 11