posted on Mar, 1 2012 @ 11:54 PM
Originally posted by Zarniwoop
More than likely, sensitive information was not stored on systems connected to the Internet. Some dufus who has connectivity to the Internet clicks on
a fake add for male pattern baldness, downloads a trojan or worm, then whatever sensitive servers the dufus has access to are subject to
Or maybe NASA bought some routers with parts manufactured in China that had some special undocumented features.
Which is exactly why nothing that is sensitive should have ANY outside access. No internet browsing, nothing. Eliminate the cause. Allow the
engineers to have access via another computer on a separate network, but not any system that has any sensitive info. We need to bring manufacturing
back from China so that your router scenario won't be an issue. But, you're right...they may have a backdoor. Everyone seems to these days.
Originally posted by BIGPoJo
Its a matter of MONEY. They are getting what they paid for. They probably refuse to pay a decent IT salary and they probably refuse to pay for an
offline closed network for their sensitive stuff. The only computers that should have Internet access is a few administration PCs, the others should
be on a private network that has ZERO connections to anything resembling outside access.
I think it's more of a matter of the NOT getting what they paid for. Government employees these days make more than us in the private sector. I
agree with everything else you said.
Originally posted by HunkaHunka
It doesn't matter...stuxnet hopped from the Internet to networks not connected to the internet. How you ask? Watt we call sneakernet. It's when
you pull a USB thumb drive out of a machine connected to network 1 and plug it into network 2.
This is why you don't allow ANYTHING in or out without prior screening. Something as sensitive as data being worked on by JPL should NEVER be
crompromised. Limit size of USB drives to a size where they can't compile gigabytes worth of data, etc. Small, and use a "sally port" type system
where any drive coming in, or going out, is checked. Checksums, hash tables, date/time stamps of files. It should all be known, checked, then double
checked. We dealt with sneakernet transmitted viruses in the 90's you'd think they would know how to handle that stuff by now.
In closing, there is absolutely NO reason for these systems to be on the internet. With a STK T1000KC tape drive backing up at the rates it backs up,
and the fact it holds 5TB per tape, I can back up and fly anywhere on the planet and transfer the data faster.