ad info



CNN.com
 MAIN PAGE
 WORLD
 ASIANOW
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
 TECHNOLOGY
   computing
   personal technology
   space
 NATURE
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 HEALTH
 STYLE
 IN-DEPTH
 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz
  CNN WEB SITES:
CNN Websites
 TIME INC. SITES:
 MORE SERVICES:
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines
 pointcast
 pagenet
 DISCUSSION:
 message boards
 chat
 feedback
 SITE GUIDES:
 help
 contents
 search
 FASTER ACCESS:
 europe
 japan
 WEB SERVICES:
COMPUTING

NASA has computer security weaknesses

May 24, 1999
Web posted at: 11:29 a.m. EDT (1529 GMT)

by Diane Frank

From...
Federal Computer Week
nasa graphic

(IDG) -- Many of NASA's mission-critical information systems are vulnerable to attack, and almost all the systems do not meet the agency's own requirements for risk assessment, according to a General Accounting Office report released last week.

In tests conducted by GAO at one of NASA's field centers, experts were able to penetrate several mission-critical systems, including one responsible for calculating the positioning data for spacecraft.

"Having obtained access to these systems, we could have disrupted NASA's ongoing command and control operations and stolen, modified or destroyed system software and data," the report states.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Federal Computer Week home page
  Federal Computer Week's Y2K resource page
  Year 2000 World
   

GAO attributed much of the success of the attacks to NASA's lack of consistent information security management and policies as suggested by GAO's 1998 Executive Guide. And although NASA performed a special review of its information security program last May that found many of the same problems identified by GAO, few of the recommended fixes have been started, according to the report.

GAO recommended that NASA put in place an agencywide security program addressing five areas: assessing risks and evaluating needs; implementing policies and controls; monitoring compliance with policy and effectiveness of controls; providing computer security training; and coordinating responses to security incidents.


RELATED STORIES:
Reno defends computer-search caution in Los Alamos case
May 13, 1999
Canadian hackers attack 13 major corporate sites
April 8, 1999
U.S. nuclear security overhaul promised
May 12, 1999
A LAN that's out of this world... literally -
February 1, 1999
Federal storage dilemma looms
January 26, 1999
RELATED IDG.net STORIES:
High tech fuels NASA mission on Earth, Mars
(Computerworld)
NASA site offers 400 views for the space explorer
(Computerworld)
NASA: Y2K threatens U.S.-Russia space project
(FCW)
NASA gives kids window on North Pole
(FCW)
NASA may set standard for Web business
(FCW)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
RELATED SITES:
National Aeronautics and Space Administration (NASA)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 LATEST HEADLINES:
SEARCH CNN.com
Enter keyword(s)   go    help
Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.