Space & Cyber Terror

Title: Chinese Hackers May Have Attacked US Satellites
October 28, 2011
Computer World

Abstract: Chinese hackers may have interfered with two US satellites on four separate occasions in 2007 and 2008.

On one occasion, the attackers had enough access to take complete control of one of the satellites but chose not to do so, according to a Bloomberg Businessweek story that cites a soon-to-be published report by a congressional commission.

According to Bloomberg, a Landsat-7 earth observation satellite managed by NASA and the US Geological Survey and a Terra AM-1 satellite managed by NASA were both attacked by hackers thought to be from China.

The attackers appear to have gained access to the satellites via compromised ground control systems at the Svalbard Satellite Station in Spitsbergen, Norway, Bloomberg said.

Hackers "interfered" with the Terra AM-1 satellite twice in 2008 - once for about two minutes in June and again for nine minutes in October. The Landsat-7 system, meanwhile, experienced more than 12 minutes of interference in October 2007 and July 2008.

The October 2007 attack on the Landsat-7 satellite was discovered only when the July 2008 interference was being investigated.

"Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions," the draft report says, according to Bloomberg. "Access to a satellite's controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite's transmission."

The report does not directly accuse the Chinese government or its military of being behind the attacks. But it does note that the disruptions are consistent with Chinese military strategies that advocate the disabling of enemy space systems and ground-based satellite control systems, Bloomberg said.

China's stated strategy in a conflict is to "compromise, disrupt, deny, degrade, deceive or destroy" US space and computer systems, the report says, according to Bloomberg.

A spokesman for the Chinese embassy in Washington is quoted as denying any involvement in the attacks and accusing the commission of collecting unsubstantiated stories for the purposes of "vilifying" China.

Though Chinese officials have denied involvement in such attacks, China has frequently been suspected of being behind cyberattacks against US government, military and commercial targets. Privately many security experts say that such attacks allow multiple terabytes of sensitive data and IP to be siphoned out of the country. So far, few have been able to or willing to substantiate those claims publicly.

Based on the Bloomberg story, the incidents described in the report appear similar to a scenario described earlier this year in the US Air Force's Strategic Studies Quarterly.

The report, authored by Christopher Bronk, a former diplomat with the US Department of State and a fellow specialising in IT policy at Rice University's Baker Institute, described how a hypothetical cyberwar between the US and China might play out.

In the report, Bronk theorised that China's strategy in any cyberwar will be to degrade and disrupt communications but to not completely disable an opponent's networks. The goal will be to own as much of a network as possible in order to control it when hostilities break out, he said (Computer World, 2012).

Title: NASA Computer Hacked, Satellite Data Accessed
May 17, 2011
Tech News Daily

A Romanian hacker claims to have breached a computer server at NASA's Goddard Space Flight Center and gained access to confidential satellite data.

The hacker, who calls himself TinKode, took to Twitter shortly before noon today (May 17) to boast: "NASA Goddard Space Flight Center (Hacked) 1 Server Access."

On his blog, TinKode posted a screen grab of what he said was a Goddard Space Flight Center FTP server. The screen shot shows files that appear to be connected with NASA's SERVIR program, which uses satellite data to aid in disaster relief, health risk assessments, and climate change and biodiversity issues, wrote Paul Roberts from the security firm Kaspersky Lab.

Rob Gutro, deputy news chief at the spaceflight center, located in Greenbelt, Md., confirmed "there was a breach in the NASA Goddard FTP site" but said it actually took place in April.

"The necessary steps were taken to protect the infrastructure at that time," Gutro told SecurityNewsDaily, adding, "NASA doesn't discuss the details of our IT security but remains vigilant to secure the security of our sites."

TinKode's announcement of his hack came just one day after the final launch of the NASA space shuttle Endeavour before its retirement, and one month to the day after TinKode allegedly hacked into the servers of the European Space Agency (Tech News Daily, 2011).

Title: Proposed Hacker Satellite System Would Fight Web Censorship
Date: January 1, 2012
Source: PC Mag

Abstract: "Hackers in Space" sounds like a bad TV movie, but if the group behind the Hackerspace Global Grid (HGG) reach their goal, it could be a reality by the time we ring in 2034.

As first reported by the BBC, the HGG wants to send their own satellites into orbit, which will be open and free from Internet censorship.

The trio behind HGG—Germany-based Armin Bauer, Andreas Horning, and a hacker known as hadez—started work on the project after an August gathering of the Chaos Computer Club called on attendees to create a "Hacker Space Program" that would put a hacker on the Moon within 23 years.

"HGG's aim is to provide the core infrastructure required along the way. We want to understand, build and make available satellite-based communication for the hackerspace community and all of mankind," HGG said on its Web site.

At this point, however, that effort is still in the very early planning stages. The group has teamed up with the Constellation project, a platform for aerospace-related projects that need intensive computational power, but beyond that, organizers are currently in data-gathering mode.

"The first step is establishing a means of accurate synchronization for the distributed network," HGG said. "Next up are building various receiver modules (ADS-B, amateur satellites, etc) and data processing of received signals. A communication/control channel (read: sending data) is a future possibility but there are no fixed plans on how this could be implemented yet."

The group also has a list of open tasks for those who want to participate.

In talking with the BBC, Bauer noted that the pending Stop Online Piracy Act (SOPA) in the United States is one of the reasons a network like HGG is needed, but the group's FAQ insists it does not have political leanings.

"Despite various media suggesting we might be anything from anarchists to subversive evil hackers we're far from all that," HGG said. "What we are is a bunch of tech-savvy folks who identified a problem and are eager to fix it. We're interested in the technological aspects of all things communication. So please, do not read too much into it, especially leave us alone with your futile attempts of assigning us a political label. We're a representative slice of humankind."

Nonetheless, the creation of an "uncensorable Internet" is "one of the possible goals on the horizon," HGG said, but "we're not yet in a technical position to discuss details."

HGG said it will initially use global positioning data, which is controlled by the U.S. government. But that "is just one source for time and position data we're planning on using," the group said. "Others will include Galileo, GLONASS, ground-based surveying and more. We're simply starting off with GPS because it's simple and ubiquitously available at reasonable prices."

As to whether their efforts will run afoul of any particular laws, HGG said it in not yet in a position to be sending signals, but once it is "we do have HAM radio operators on board who have the required knowledge and education to know what is allowed."

HGG also acknowledged that there might be other groups working on a similar project, and urged collaboration to reach their goals faster.

HGG was not overly concerned about bandwidth constraints because the effort will be about sending messages not watching YouTube videos or downloading movies. "Think Twitter updates, not streaming video," HGG said.

For more, you can follow the group's efforts @hxglobalgrid.

The news, meanwhile, comes several days after China flipped the switch on a satellite navigation system that will provide initial positioning, navigation, and timing operational services to China and the surrounding region. The Beidou Navigation Satellite System is intended to replace China's reliance on the U.S. Global Positioning System (GPS) (PC Mag, 2012).

Title: German Hackers Are Building A DIY Space Program To Put Their Own Uncensored Internet Into Space
Date: January 9, 2012
World Of Technology

Abstract: There’s more than one way to stick it to The Man. There’s civil disobedience, subversive propaganda, political art, outright violent revolt--each possessing its own degree of difficulty and consequence. In a decidedly 21st-century twist, team of German hackers bent on fighting the powers that be has chosen a rather ambitious means of taking the power back: building a hacker-owned and -operated space program, complete with a constellation of communications satellites beaming uncensored Internet to users on the ground.

The Hackerspace Global Grid was borne out of a call to action at the Chaos Communication Congress in Berlin, where hackers of all stripes gather to mull the issues of the day as they relate to their craft. Hacker activist Nick Farr--motivated by legislation like the Stop Online Piracy Act (SOPA) in the U.S.--called on the community to contribute to a project that would remove the power of censorship from governments and corporations by creating an uncensored Internet in the free frontier of space.

Of course, building both a space program capable of placing satellites in orbit and a terrestrial network of tracking stations is easier said than done. Then again, it’s easier now than it’s ever been. Space--and even low earth orbit--has long been the dominion of state entities with the resources and large-scale organizations capable of very big undertakings.

But amateur rocketeers are already skirting the upper atmosphere with homemade rockets, and the idea that amateurs will soon be able to reach low earth orbit is by no means outside the realm of possibility. And even piggybacking on existing space launches, like ISS resupply runs and satellite launches, is growing less expensive, especially for smaller payloads.

Furthermore, if there’s anyone suited to the task of building--from the ground up--a system of software and hardware for tracking satellites and establishing a network infrastructure, it’s probably a team of highly skilled hackers. That’s where the Hackerspace Global Grid is starting. The group is aiming to provide ground stations on a non-profit basis for 100 euros (about $130), and plans to have three of them deployed this year for testing. And it has already begun trying to build the software infrastructure necessary to track satellites and communicate with them.

The trick will be in the placement of the satellites themselves. Placed in low earth orbit by an amateur launch, the satellites would move too quickly to be of any real use in streaming Internet data to the ground. Placed higher up in geostationary orbit (more than 22,000 miles up), the signal lag becomes great enough to restrict what kind of Internet applications can be executed. And there’s also a touchy legal issue at play here, as the BBC points out. The unregulated nature of space means the Hackerspace group can do what they want. But should a nation like China decide it doesn’t want uncensored Internet streaming to its shores from space, there’s nothing really stopping it from blasting the satellites out of the sky either.

Still, the very notion is undeniably awesome: a DIY space program patched together via a loose affiliation of hackers building an open source generation of space-faring electronics and satellite communications infrastructure that would provide free-flowing information for all. Given recent developments like SOPA, uprisings across the Arab world, and the actions of oppressive regimes like that in Belarus, its clear that the free and fair Internet is both a tool for individual empowerment and an entity whose future is uncertain. Naturally, any effort to secure a free flow of information for all and to build a DIY space program in the offing is going to get an enthusiastic nod of approval from us
(World of Technology, 2012).

Title: GPS At Risk From Terrorists, Rogue Nations, And $50 Jammers, Expert Warns
February 23, 2012
Fox News

The Global Positioning System guides our ships at sea. It’s the centerpiece of the new next-gen air traffic control system. It even timestamps the millions of financial transactions made across the world each and every day.

And it's at extreme risk from criminals, terrorist organizations and rogue states -- and even someone with a rudimentary GPS jammer that can be bought on the Internet for 50 bucks, said Todd Humphreys, an expert on GPS with the University of Texas.

“If you’re a rogue nation, or a terrorist network and you’d like to cause some large scale damage -- perhaps not an explosion but more an economic attack against the United States -- this is the kind of area that you might see as a soft spot,” he told Fox News.

Humphreys was the keynote speaker at a conference of world experts organized by the UK - ICT Knowledge Transfer Network in London yesterday. His predictions for what lies ahead with this emerging threat were dire.

For example, in 2010, UK researchers aimed a low-level GPS jammer at test ships in the English channel. The results were stunning: Ships that veered off course without the crew’s knowledge. False information passed to other ships about their positions, increasing the likelihood of a collision. The communications systems stopped working, meaning the crew couldn’t contact the Coast Guard. And the emergency service system -- used to guide rescuers -- completely failed.

Then, there’s the incident with the U.S. drone lost over Iran. Humphreys believes that by using simple jamming technology, Iranian authorities confused the ultra-sophisticated RQ-170 spy drone to the point that it went into landing mode. The drone’s Achilles heel? It had a civilian GPS system -- not a military-grade encrypted model. It didn’t take much to blind it and force it down.

Another level of rapidly-emerging threat is so-called “spoofing." Unlike a jammer, which blocks or scrambles GPS signals, a “spoofer” mimics information coming from a satellite. It can make an aircraft, ship or other GPS-guided device think it’s somewhere that it’s not.

Humphreys says organized crime is already attempting to exploit the possibilities. Gangs could hijack a container truck full of high value goods, and through spoofing, make its owner think it’s on its way to the intended delivery point -- instead of to the gang’s warehouse.

“The civil GPS signal's completely open and vulnerable to a spoofing attack, because they have no authentication and no encryption," Humpheys told Fox News. "It’s almost trivial to mimic those signals to imitate them and fool a GPS receiver into tracking your signals instead of the authentic ones.”

Hijacking a cargo container is one thing. Spoofing the global financial system is quite another. In his London presentation, Humphreys warned about another emerging GPS threat -- the worldwide network of stock and commodity trades. 

Every trade is time-stamped using GPS clocks. Computer programs monitor those time stamps down to the millisecond. If something seems amiss, many programs are designed to pull out of the market. Humphreys says a hacker could fairly easily interfere with those time stamps, triggering trading programs, creating a sudden liquidity crisis and potentially a mini market crash.

Then, there’s the high-dollar reward of manipulating time. An unscrupulous trader -- or criminal organization could make millions by delaying time even by a heartbeat.

“You’re able to match the prices between the networks in a way that’s different from everyone else in the world,” Humphreys said. “Everyone else in the world might be 20 milliseconds off and you happen to know the actual timing. And so you’re able to buy low in one market and sell high in another market.”

The system is so vulnerable to attack because signals coming from the network of GPS satellites orbiting the earth are very weak. They’re about 12,000 miles away. It doesn’t take much to disrupt them.

A landmark study in the UK published Wednesday, Feb. 22, found GPS jammers in widespread use on that nation’s highways. While it has not yet been studied in the U.S., it’s believed an equal or greater problem exists in America.

The devices are illegal in the States, yet they are readily available over the Internet for as little as $50. People use them to avoid tolls, evade a snooping spouse, or use a company vehicle for something other than its intended purpose. And that sometimes has unintended consequences.

Recently, the new GPS landing system at Newark airport, just outside New York City, was crashing several times a week, forcing airliners to switch to a backup system. Airport officials were baffled. It turns out some fellow was moonlighting in a GPS-tracked company van. He was using a jammer to obscure his movements. Every time he drove by Newark airport, he took down the landing system.

As much as GPS jammers or spoofers can cause havoc to multiple systems, Humphreys sees a conflict between the growing integration of GPS technology and our personal lives.

He says devices that interfere with GPS might actually have a legitimate use: Protecting a person’s privacy.

“People have a right to be private in their lives,” he said. “But with GPS tracking devices the size of a small dot being able to place them surreptitiously on your friends -- they’re going to want to resort to some sort of jamming or spoofing as a defense against that kind of invasion of privacy” (Fox News, 2012).

Title: Stolen NASA Laptop Contained Space Station Control Codes
Date: March 1, 2012

Abstract: A laptop stolen from NASA last year was unencrypted and contained command and control codes for the International Space Station on it, the agency's inspector general told a House subcommittee Wednesday.

In his testimony before a House Science, Space and Technology subcommittee, NASA Inspector General Paul Martin said the notebook computer stolen in March 2011 "resulted in the loss of the algorithms" used to control the space station. This particular laptop, Martin said, was one of 48 NASA notebooks or mobile devices stolen between April 2009 and April 2011.

Some of these thefts resulted in the leak of sensitive data "including export-controlled, Personally Identifiable Information, and third-party intellectual property," as well as Social Security numbers and data on NASA's Constellation and Orion programs, Martin said. [NASA Computer Hacked, Satellite Data Accessed]

The actual number of stolen and compromised devices could be much higher because NASA relies on employees to self-report incidents.

In an email, NASA spokesman Trent Perrotto told SecurityNewsDaily that "at no point in time have operations of the International Space Station been in jeopardy due to a data breach."

"NASA has made significant progress to better protect the agency's IT systems and is in the process of implementing the recommendations made by the NASA Inspector General in this area," Perotto added. 

In 2011, NASA, which Martin rightly called a "target-rich environment for cyberattacks," was the target of 47 advanced persistent threats, 13 of which successfully compromised NASA computers.

These attacks are part of the 5,408 cybersecurity incidents in 2010 and 2011 that resulted in unauthorized intrusions or malware being planted on its systems and cost the space agency an estimated $7 million.

"These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives," Martin said.

Some Attacks Traced to China 
In one case, intruders traced to Chinese-based Internet addresses gained full access to key computer systems and sensitive user accounts at NASA's Jet Propulsion Laboratory, Martin said. He said the level of access could have given the intruders the power to:

1. Modify, copy or delete sensitive files.
2. Add, modify or delete user accounts for mission-critical systems.
3. Upload hacking tools to compromise other NASA systems.
4. Modify system logs to cover their tracks.

"In other words, the attackers had full functional control over these networks," Martin said. He said the November 2011 incident was still under investigation.

Romanian Hackers Implicated 
One example of a "skill-testing" hack was the attack perpetrated by "TinKode," a 20-year-old Romanian hacker (real name Razvan Manole Cernainu), who tapped into a computer server at NASA's Goddard Space Flight Center in April 2011.

Another case involves a 25-year-old Romanian national (Robert Butkya, a.k.a. "Iceman"). Last month, Butkya was indicted by a federal grand jury on allegations that he broke into 25 computers that were part of NASA's Atmospheric Infrared Sounder Program. "This series of intrusions resulted in losses of over $500,000," Martin said.

Overall, Martin said computer intrusions "have affected thousands of NASA computers, caused significant disruptions to mission operations and resulted in the theft of export-controlled and otherwise sensitive data."

Few Devices Use Encryption 
Martin's testimony highlights the difficulties NASA information technology officials face in securing the agency's laptops and mobile devices. As of Feb. 1, only 1 percent of NASA portable devices and laptops had been encrypted.

"Until NASA fully implements an agency-wide data encryption solution, sensitive data on its mobile computing and portable data storage devices will remain at high risk for loss or theft," he said.

Martin said software vulnerabilities in NASA computers are often left unpatched, a problem stemming from an IT chain of command in which the chief information officer "has limited ability" to fully implement mandated IT security programs across the agency (MSNBC, 2012).

Title: NASA Concerned About Cyber Attacks
Date: March 5, 2012
USA Today

Abstract: It sounds like the plot of a campy science fiction flick: Thieves steal a laptop containing the codes used to command and control the 
International Space Station.

The International Space Station in a July 2011 photo. Thieves stole a laptop containing codes used to control the space station in March 2011.

Except it happened.

The March 2011 theft of the unencrypted computer was one of 5,408 cybersecurity incidents — many foreign-based — the space agency reported during the past two years, according to NASA Inspector General Paul Martin.

The incidents, which include the installation of malicious software and unauthorized access to NASA systems, have caused disruptions and cost taxpayers millions in missing equipment and repairs.

Some cases are clearly more serious than others, such as the theft of space station algorithms, though there's nothing to indicate the ISS was affected in any meaningful way.

"The threat to NASA's information security is persistent and ever-changing," warned Rep. Paul Braun, R-Ga., who chairs a House Science, Space and Technology subcommittee that conducted a hearing on cybersecurity lapses Wednesday. "Unless NASA is able to continuously innovate and adapt, their data systems and operations will continue to be in danger."

These incidents are among those the inspector general's office says have taken place since 2010:

—Terra and Landsat-7, both Earth observation satellites, "have each experienced at least two separate instances of interference apparently consistent with cyberactivities against their command and control systems."

—An unidentified NASA center released to the public 10 surplus computers connected to the space shuttle program that weren't properly sanitized and may have contained sensitive data.

—Intruders stole credentials for more than 150 NASA employees in one cyber attack, while another intrusion provided hackers access to key information and user accounts at the Jet Propulsion Lab in Pasadena, Ca.

—A Texas man pleaded guilty last year to hacking NASA computers, an incident that prevented some 3,000 registered users from accessing oceanographic data collected by the agency.

Martin told the House panel the agency's vulnerability stems from two issues: It's a high-profile target that generates plenty of sought-after data, and it offers potential hackers a wide array of entry points.

NASA manages approximately 3,400 websites — nearly half of all the federal government's non-defense sites — and is home to some 176,000 individual e-mail addresses. Its assets include 550 information systems that control spacecraft, collect and process scientific data, and enable NASA to interact with colleagues and researchers in other agencies and universities around the globe, according to Martin.

"There are many gates to guard," NASA Chief Information Officer Linda Cureton told the House panel.

Sen. Bill Nelson, D-Fla., a member of the Intelligence Committee who rode on the space shuttle, said that while the country's national security computers are protected, he's concerned foreign hackers could infiltrate government computers through a back door provided by NASA or another non-defense agency.

"Of course it's worrisome," he said. "And that's what we're working on."

NASA has made some progress addressing problems Martin and his office have pointed out in the 21 audit reports his office has conducted over the past five years. Of the 69 recommendations the inspector general has made during that period, all but 18 have been fully addressed, officials said.

Martin said only 1% of the agency's laptops and other portable devices have been encrypted to prevent easy deciphering, which he called "very disturbing" given the highly sensitive nature of the information stored on them. More than half of the computers used government-wide are encrypted.

In addition, a risk assessment Cureton's office was supposed to have completed by August 2011 won't be finished until June.

"We are determined to improve NASA's capability to predict, prevent and effectively contain potential IT security incidents," she told lawmakers.

Cureton told the House panel the agency has taken a number of steps, including accelerating encryption of NASA laptops. But she said cybersecurity isn't taken as seriously as it should be because of "culture" issues. And much of the sensitive information is managed not by her office but by mission directorates.

Martin said Cureton's efforts have been hampered because she doesn't control much of the budget devoted to improving cybersecurity.

"As we've all seen in Washington," Martin said, "when you don't control the funding, you have a difficult time getting folks' full attention" (USA Today, 2012)

Title: Chinese Hackers 'Had Full Access' To Nasa Lab That Commands 23 Spacecraft
Date: March 7, 2012
Daily Mail

Abstract: Chinese hackers gained 'full access' to the computer network in one of Nasa's key control centres, the Jet Propulsion Laboratory. 

JPL manages 23 spacecraft conducting active space missions, including missions to Jupiter, Mars and Saturn.   

The hackers, operating from an internet address in China, gained full system access in November 2011, allowing them to upload hacking tools to steal user IDs and control Nasa systems, as well as copy sensitive files. 

The hackers were also able to modify system logs to conceal their actions. 

‘The intruders had compromised the accounts of the most privileged JPL users, giving the intruders access to most of JPL's networks,’ said National Aeronautics and Space Administration Inspector General Paul Martin. 

The cyber attack was one of 'thousands' of computer security lapses at the space agency.

Martin said the hackers gained full system access, which allowed them to modify, copy, or delete sensitive files, create new user accounts and upload hacking tools to steal user credentials and compromise other NASA systems. 

National Aeronautics and Space Administration Inspector General Paul Martin testified before Congress on the breaches.

In another attack last year, intruders stole credentials for accessing NASA systems from more than 150 employees. 

Martin said the his office identified thousands of computer security lapses at the agency in 2010 and 2011.     

He also said NASA has moved too slowly to encrypt or scramble the data on its laptop computers to protect information from falling into the wrong hands.          

Unencrypted notebook computers that have been lost or stolen include ones containing codes for controlling the International Space Station, as well as sensitive data on NASA's Constellation and Orion programs, Martin said.

A NASA spokesman told Reuters on Friday the agency was implementing recommendations made by the Inspector General's Office.             

‘NASA takes the issue of IT security very seriously, and at no point in time have operations of the International Space Station been in jeopardy due to a data breach,’ said NASA spokesman Michael Cabbagehe.     

Giving testimony on the space agency's security issues, NASA Inspector General Paul K. Martin told Congress that 48 agency devices were lost or stolen over a two year period.

The mobile devices, which contained personable data, intellectual property, and highly sensitive export-controlled data, were stolen between April 2009 and April 2011, CBS News reported.

Over two years alone NASA was the victim of 5,408 computer security breaches that included unauthorized access to systems or the installation of unauthorized software. The incidents during 2010 and 2011 cost the space agency around $7 million.

Martin told Congress in written testimony: 'The March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station,'

Another stolen laptop contained classified information on NASA's space exploration Constellation and Orion programs and employees social security details.

These figures may be the tip of the iceberg, Martin said because the system for reporting lost data or devices is voluntary: 

He said: 'NASA cannot consistently measure the amount of sensitive data exposed when employee notebooks are lost or stolen because the agency relies on employees to self-report regarding the lost data rather than determining what was stored on the devices by reviewing backup files,' CBS News reported.

In 2011 NASA was the victim of 47 serious cyberattacks by individuals or groups attempting to steal information or gain access to systems, Martin said.

13 of these advanced persistent threats or (APTs) were successful including one attack in which system access codes for some 150 NASA employees were stolen. 

Another attack on the Jet Propulsion Laboratory in Pasadena, Calif. stemming from China based USPs is still under investigation. Cyber thieves 'gained full access to key JPL systems and sensitive user accounts,' Martin said. 

Martin painted a gloomy picture of security at NASA explaining while the rate of mandated encryption across government departments was 54 percent, just 1 percent of NASA portable devices are encrypted. 

'Until NASA fully implements an agency-wide data encryption solution, sensitive data on its mobile computing and portable data storage devices will remain at high risk for loss or theft,' he said (Daily Mail, 2012)

Title: New 'Unknowns' Hacking Group Hits NASA, Air Force, European Space Agency
Date: May 3, 2012
Fox News

Abstract: A new hacking group calling itself "The Unknowns" has published a list of passwords and documents reportedly belonging to NASA, the European Space Agency and the U.S. Air Force, among other high-profile government targets.

The group's Pastebin post, released yesterday (May 1), includes names and passwords reportedly belonging to NASA's Glenn Research Center as well as the U.S. Military's Joint Pathology Center, the Thai Royal Navy, Harvard University, Renault, the Jordanian Yellow Pages and the Ministries of Defense of France and Bahrain.

Softpedia reports that the hackers also posted screenshots of some of the sites they breached, and that although the post was made public yesterday, some of the hacks date back to March.

NASA's Glenn Research Center and the U.S. Military's Joint Pathology Center did not respond to requests for comment by SecurityNewsDaily.

In its message, The Unknowns explained the impetus for their exploits, and warned they could have caused much more damage than they did.

"Victims, we have released some of your documents and data, we probably harmed you a bit but that's not really our goal because if it was then all of your websites would be completely defaced but we know that within a week or two, the vulnerabilities we found will be patched and that’s what we're looking for."

The hackers said they are "ready to give you full info on how we penetrated threw [sic] your databases," and told the affected organizations to contact them.

SecurityNewsDaily contacted The Unknowns through the address the group posted,, but did not receive a response.

The Unknown's "hacking-for-good" stance is similar to that of Malicious Security (MalSec), a newly formed Anonymous spinoff that, ostensibly for "ethical purposes," leaked email addresses and passwords from several Romanian banks and government organizations (Fox News, 2012)

Title: New Group Of Hackers, Calling Themselves The Unknowns, Steal Codes From Nasa, The U.S. Military... And The Jordanian Yellow Pages
Date: May 4, 2012
Daily Mail

Abstract: Nasa and the U.S. military are among high-profile victims of a new group of hackers, calling themselves 'The Unknowns'.

The group, who professes to use its hacking abilities as a force of good, contacted a range of security-conscious firms and revealed a list of passwords and sensitive documents that they had plundered.

It is unclear whether the companies affected even knew that their security systems had been bypassed.

The Unknowns posted the names and passwords of employees at Nasa's Glenn Research Center, the U.S. Military's Joint Pathology Center, the European Space Agency, Thai Royal Navy, the ministries of defence of France and Bahrain, Harvard University and the Renault automotive firm.

Bizarrely, FoxNews also reports that the group targeted the Jordanian Yellow Pages. 

'We have released some of your documents and data, we probably harmed you a bit - but that's not really our goal, because if it was then all of your websites would be completely defaced. But we know that, within a week or two, the vulnerabilities we found will be patched and that’s what we're looking for' -The Unknowns e-mail 

The hackers also posted screenshots of some of the sites they breached, in raids that date back to March. 

The concept of hacking into companies to 'improve' their security systems is becoming more popular with hackers who want to justify their actions.

A similar stance has been taken by Malicious Security, or MalSec, a spin-off from whistle-blowing WikiLeaks.

In their e-mails to the companies affected, The Unknowns say their intentions were good - and say that they could have caused far more problems if they wanted to.

Addressed to 'Victims', the e-mail - misspelt and lacking punctuation - read: 'We have released some of your documents and data, we probably harmed you a bit but that's not really our goal because if it was then all of your websites would be completely defaced but we know that within a week or two, the vulnerabilities we found will be patched and that’s what we're looking for.' 

It concluded with the promise that The Unknowns were 'ready to give you full info on how we penetrated threw your databases' if the companies contacted them (Daily Mail, 2012).