US - NASA's inspector general revealed in congressional testimony that a space agency computer was stolen last year with the command codes to control the International Space Station.

Image
© NASA via Getty ImagesIn this handout image provided by NASA, astronaut Mike Fossum, Expedition 28 flight engineer, waits at an International Space Station’s pressurized mating adapter (PMA-2) docked to the space shuttle Atlantis, as the station’s robotic system moves the failed pump module (out of frame) over to the spacewalking astronaut and the shuttle’s cargo bay during a planned six-and-a-half-hour spacewalk on July 12, 2011.
In a statement given to a House committee on the security challenges facing NASA, Paul K. Martin said that an unencrypted NASA computer stolen last year was one of 48 taken between April 2009 and April 2011.

"The March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of algorithms used to command and control the International Space Station," Martin said in his written testimony. "Other lost or stolen notebooks contained Social Security numbers and sensitive data on NASA's Constellation and Orion programs."

In 2010 and 2011, there were 5,408 computer security incidents at the space agency costing NASA an estimated $7 million.

"These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives," Martin said.

Last year, NASA was the victim of 47 cyberattacks, with 13 of those attacks successfully compromising the agency's computers. In one of those attacks, credentials for more than 150 employees were stolen.

Another attack involved Chinese-based IP addresses that gained full access to systems and sensitive user accounts at the Jet Propulsion Laboratory in Pasadena, Calif.

The Office of Management and Budget reported that only 1 percent of NASA's portable devices and laptops have been encrypted this year.

"Until NASA fully implements an Agency-wide data encryption solution, sensitive data on its mobile computing and portable data storage devices will remain at high risk for loss or theft," Martin explained in his testimony.