According to this story posted on Wired yesterday, a keylogger has been found on laptops being used in the space station. The reported malware, W32.Gammima.AG (see here for description on Symantec's web site), has been around since August 2007 and steals passwords from a few (rather obscure here in the United States) online games.You are thinking "So what? What risk does an online game keylogger pose to a laptop on the space station? Why should I care?"
As you know, we like to think bigger picture here.
Let's start with the obvious question of why the anti-virus software running on the laptop didn't immediately identify and stop a one year old virus? I don't know about you, but that sends up lots of red flags to me! This obviously begs the question of how long this keylogger has actually been resident on the laptop and if there are other, yet undetected, rootkits and keyloggers on those machines? Also, what other computers were potentially exposed to these infected machines that this virus could have propagated to? What information has been exposed to theft or compromise either from the laptops or from other exposed machines on the NASA network? What was done with these laptops once the virus was detected? Were they merely cleaned to the virus scanners standards (which clearly aren't that high!) or was the computer completely taken out of commission so that it could be wiped to Department of Defense specifications and re-imaged before it was redeployed?
Obviously there are a lot of unanswered questions in relation to this story, and of course NASA will never make the answers to those questions public, but this certainly calls into question the validity of the security measures employed by one of the most important programs of the 20th and 21st centuries. Where else within the federal government does the potential for similar security breaches exist? Are potential data leakages like this something that the Department of Homeland Security is focused on preventing? If not, they should be! Let's be sure we aren't aiding and abetting the bad guys by giving them the exact information we are looking to protect!
Posted by smasiello at 2:22 PM at MX Logic
No comments:
Post a Comment