Risk
3/21/2013
01:09 PM
50%
50%

NASA Tightens Security In Response To Insider Threat

NASA shuts down database and tightens restrictions on remote access following the arrest of a Chinese contractor on suspicion of intellectual property theft.

Military Drones Present And Future: Visual Tour
Military Drones Present And Future: Visual Tour
(click image for larger view and for slideshow)
NASA has closed down its technical reports database and imposed tighter restrictions on remote access to its computer systems following the arrest of a Chinese contractor on suspicion of intellectual property theft.

NASA administrator Charles Bolden outlined those and other security measures in March 20 testimony before a congressional subcommittee. Bolden said he had ordered a review of the access that foreign nationals from designated countries -- including China, Iran and North Korea -- are given to NASA facilities and a moratorium on providing new access to citizens of those countries.

The agency's actions follow the March 16 arrest of Bo Jiang, a Chinese citizen, at Dulles Airport in Washington, D.C., as he prepared to leave the United States. The FBI, in its application for an arrest warrant, said it was investigating violations of the Arms Export Control Act.

[ NASA has suffered other security breaches in recent months. Read Stolen NASA Laptop Had Unencrypted Employee Data. ]

Jiang worked as a contractor with the National Institute of Aerospace, a nonprofit research organization, at NASA's Langley Research Center. During a border stop at Dulles, Jiang allegedly said that he had in his possession a cellphone, memory stick, external hard drive and new computer. During a subsequent search of Jiang's possessions, the agents found a second laptop, hard drive and SIM card, according to the arrest warrant.

Jiang was arraigned March 19 in federal district court in Norfolk, Va., on a charge of lying to federal agents. The contents of the confiscated electronic media have not been revealed.

Rep. Frank Wolf (R-Va.), chairman of the House appropriations subcommittee that funds the space agency, said in a press conference that whistleblowers at NASA prompted the investigation. Wolf said Jiang was working on high-tech imaging technology that could be of potential interest to the Chinese military. Citing the arrest warrant, Wolf said Jiang had previously traveled to China with a NASA laptop "that agents believe to have contained sensitive information."

Wolf accused NASA of circumventing restrictions on the hiring of foreign nationals and said he had evidence that the NIA might employ other Chinese nationals under similar arrangements. The congressman called on NASA to audit all of its contractors that employ citizens of countries or organizations considered "entities of concern."

Wolf, in his seventeenth year in Congress, has been focused on the threat of Chinese cyber espionage. Earlier this month, he warned of security threats and the potential leak of classified information at NASA's Ames Research Center, and he pointed to the Chinese government's "systematic and aggressive efforts to steal" sensitive technology.

A well-defended perimeter is only half the battle in securing the government's IT environments. Agencies must also protect their most valuable data. Also in the new, all-digital Secure The Data Center issue of InformationWeek Government: The White House's gun control efforts are at risk of failure because the Bureau of Alcohol, Tobacco, Firearms and Explosives' outdated Firearms Tracing System is in need of an upgrade. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
PJS880
50%
50%
PJS880,
User Rank: Ninja
4/2/2013 | 3:03:58 PM
re: NASA Tightens Security In Response To Insider Threat
Any system administrator will tell you that having remote access to people is usually a bad idea if security measure is not taken for remote access. Good catch though, to bad they do not know what he already transported to China and what information was on it. There is an obvious issue here working with national, not saying eliminate them, just have tighter security measures imposed and deeper detailed background reports. I wonder what will become of this guy, do we have the authority to detain and convict him?

Paul Sprague
InformationWeek Contributor
moarsauce123
50%
50%
moarsauce123,
User Rank: Apprentice
3/22/2013 | 5:36:31 PM
re: NASA Tightens Security In Response To Insider Threat
Keep hiring Chinese nationals for sensitive stuff, you idiots!
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8891
Published: 2015-03-06
Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vectors...

CVE-2014-8892
Published: 2015-03-06
Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to bypass intended access permissions and obtain sensitive information via un...

CVE-2015-1170
Published: 2015-03-06
The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 before 345.20, and R346 before 347.52 does not properly validate local client impersonation levels when performing a "kernel administrator check," which allows local users to gain administrator privileges via unspecified API call...

CVE-2015-1637
Published: 2015-03-06
Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for r...

CVE-2014-2130
Published: 2015-03-05
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrative privileges, aka B...

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.