DorobekInsider

A number of items worth keeping an eye on — between bites of turkey, of course…

NASA under cyber-attack, BusinessWeek reports

BusinessWeek has a story — the first of what I’m sure will be scores of similar type stories — about agencies under cyber-attack. In this instance, it is NASA. We spoke to Keith Epstein, an investigative reporter in BusinessWeek’s Washington bureau, on Federal News Radio’s Daily Debrief with Chris Dorobek and Amy Morris on Friday about the story. You can hear that conversation here.

You can read BusinessWeek’s story here.

America’s military and scientific institutions—along with the defense industry that serves them—are being robbed of secret information on satellites, rocket engines, launch systems, and even the Space Shuttle. The thieves operate via the Internet from Asia and Europe, penetrating U.S. computer networks. Some of the intruders are suspected of having ties to the governments of China and Russia, interviews and documents show. Of all the arms of the U.S. government, few are more vulnerable than NASA, the civilian space agency, which also works closely with the Pentagon and American intelligence services.

In April 2005, cyber-burglars slipped into the digital network of NASA’s supposedly super-secure Kennedy Space Center east of Orlando, according to internal NASA documents reviewed by BusinessWeek and never before disclosed. While hundreds of government workers were preparing for a launch of the Space Shuttle Discovery that July, a malignant software program surreptitiously gathered data from computers in the vast Vehicle Assembly Building, where the Shuttle is maintained. The violated network is managed by a joint venture owned by NASA contractors Boeing and Lockheed Martin.

Undetected by the space agency or the companies, the program, called stame.exe, sent a still-undetermined amount of information about the Shuttle to a computer system in Taiwan. That nation is often used by the Chinese government as a digital way station, according to U.S. security specialists.

By December 2005, the rupture had spread to a NASA satellite control complex in suburban Maryland and to the Johnson Space Center in Houston, home of Mission Control. At least 20 gigabytes of compressed data—the equivalent of 30 million pages—were routed from the Johnson center to the system in Taiwan, NASA documents show. Much of the data came from a computer server connected to a network that tracks malfunctions that could threaten the International Space Station.

As I say, I’m sure this is just the first of many of these kinds of stories… and it gives you an indication as to why the Bush administration has stepped up its cyber-security initiatives.

Years ago — back in 2005, in fact — FCW had a story headlined, The new Trojan war, that looked at these cyber-security issues.

In mythology, the Greeks found an innovative way to avoid Troy’s defenses. By offering the gift of a huge horse — hollowed out and filled with soldiers — the Greeks were able to bypass Troy’s defenses and attack from the inside.

Today the Pentagon faces a similar situation. Adversaries have been attacking Defense Department computer networks in attempts to bypass the United States’ formidable defenses and attack from the inside out.

Defense and industry officials describe DOD networks as the Achilles’ heel of the powerful U.S. military. Securing military networks is even more critical in an increasingly transformed military in which information is as much a weapon as tanks and assault rifles.

DOD networks have been breached. Department officials acknowledged hackers attacked military networks almost 300 times in 2003 — sometimes by cyber Trojan horses, which can operate within an organization’s network. DOD officials say intrusions reduced the military’s operational capabilities in 2004.

Along those lines, 1105 Media and Juniper are hosting a seminar on the trusted Internet connection initiative — the program designed to trim down the government’s connections to the Internet in order to make them more secure. They have a good agenda lined up. In the morning, there will be presentations by RDML Michael (“Mike”) Brown , the Homeland Security Department’s National Protection and Programs deputy assistant Secretary for Cyber Security and Communications, and OMB’s Karen Evans. I will also be moderating a panel about what TIC means to people on the front lines.

EDITOR’S NOTE AND DISCLOSURE: I am being paid for moderating this panel.

DC’s Vivek Kundra advising Team Obama

We told you about this earlier, but WTOP star reporter Mark Seagraves scored an interview with DC CTO Vivek Kundra and confirmed that he has, indeed, been advising Team Obama on technology issues. Federal News Radio spoke to Seagraves about his interview with Kundra on the Daily Debrief with(out) Chris Dorobek and Amy Morris.

The Fenty Administration’s top techie is helping President-elect Barack Obama’s transition team develop new ways to use technology.

Vivek Kundra, chief technology officer for the District, tells WTOP the same applications and innovations he’s brought to the District government can be applied at the federal level.

“I’m advising on what we’ve done in the District of Columbia,” Kundra says. “I think it’s scaleable nationally, and globally, too.”

Kundra isn’t eager to talk about his work with the Obama transition team, preferring to direct the conversation back to his work for the District. But when pressed, Kundra acknowledges the scope of his consultations go beyond the transition.

“I’m advising in terms of some of the ideas that are in the District government that can be leveraged not just in the transition team, but across the country,” says Kundras from his ninth floor office, which overlooks the federal enclave below Capitol Hill.

Read the full story here.

More on government 2.0… and Safavian… after the break…
Read the rest of this entry »