NASA denies Iranian cyberattack
Hackers often claim to have penetrated NASA's IT systems, when in fact they haven't, agency says
By Antone Gonsalves
May 25, 2012 — CSO — NASA denied Friday that its website had been hacked and information stolen by a band of Iranian students that called themselves the "Cyber Warriors Team."
The group bragged in a May 16 post on Pastebin that it had hacked a NASA site and stolen the personal information of thousands of NASA researchers. The site allegedly compromised is called the Solicitation and Proposal Integrated Review and Evaluation System.
NASA said it discovered the Pastebin post within hours and launched an investigation of the claims. "Although the investigation is ongoing, all results thus far indicate that the claims are false... At no point were any sensitive, mission, or classified systems compromised," Beth Dickey, a NASA spokeswoman, said in an email.
Hackers often claim to have penetrated NASA's IT systems, when in fact they haven't, Dickey said. On the same day as the alleged Iranian hack, two other groups claimed on Pastebin to have broken into NASA systems. "They were also found to be false," Dickey said.
In a message written in broken English, the Iranian group of student programmers and hackers had claimed to have hacked the secure sockets layer of the NASA site to obtain the public key certificates needed to gain access to the researchers' personal data. The group claimed to have built a packet analyzer that logged traffic over the digital network and decoded the data to locate the certificates
Not all attempts to hack NASA systems are unsuccessful. Earlier this month, NASA, which stands for the National Aeronautics and Space Administration, and the European Space Agency confirmed that a group calling itself "The Unknowns" had hacked sites of both organizations. No information was stolen. Instead, the group passed along details of the vulnerabilities, so they could be fixed.
In a report to Congress in February, NASA Inspector General Paul K. Martin said the agency has increasingly become a target of sophisticated attacks bent on stealing or changing information from computer systems and networks. During fiscal year 2011, NASA was the target of 47 such attacks, with 13 successfully compromising the agency's computers.
Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.