NASA賣電腦 忘刪敏感資料

 

2010/12/08

(路透佛羅里達州卡納維爾角7日電)稽核報告今天顯示,美國國家航空暨太空總署(NASA)準備結束太空梭計畫之際,未先清除電腦和硬碟裡的敏感資料,就把設備賣出去。

NASA即將在明年結束太空梭計畫,因此要把數以千計的多餘物品處理掉。

督察長辦公室(OIG)發現,佛羅里達州、德州、加州和維吉尼亞州的NASA中心,有他們所稱的「嚴重」安全漏洞。

稽核報告表示,甘迺迪太空中心(Kennedy SpaceCenter)有14台電腦未事先測試是否已清除敏感資料,其中10台已釋出給大眾。

報告也發現,甘迺迪太空中心和維州朗里研究中心(Langley Research Center)有硬碟遺失。稍後甘迺迪太空中心在垃圾場找回部分硬碟,垃圾場通常存放準備出售的物品,民眾可任意出入。

檢查人員也發現多個準備出售的電腦板,都標有NASA網際網路通訊協定(IP)位址。稽核報告指出,IP位址可以讓駭客取得進出NASA內部電腦網絡的管道。中央社(翻譯)

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------

NASA sold computers with sensitive data, report says

By Irene Klotz

CAPE CANAVERAL, Florida | Tue Dec 7, 2010 6:27pm EST

CAPE CANAVERAL, Florida (Reuters) - NASA failed to delete sensitive data on computers and hard drives before selling the equipment as part of its plan to end the Space Shuttle program, an audit released on Tuesday shows.

NASA is getting rid of thousands of surplus items as it prepares to end the space shuttle program next year.

The Office of Inspector General found what it termed "serious" security breaches at NASA centers in Florida, Texas, California and Virginia.

"Our review found serious breaches in NASA's IT (information technology) security practices that could lead to the improper release of sensitive information related to the Space Shuttle and other NASA programs," NASA Inspector General Paul Martin said in a statement.

"NASA needs to take coordinated and forceful actions to address this problem."

The report cites 14 computers from the Kennedy Space Center that failed tests to determine if they were sanitized of sensitive information, 10 of which already had been released to the public. It also found that hard drives were missing from Kennedy and from the Langley Research Center in Virginia. Some of the Kennedy hard drives were later found inside a dumpster, where they were being stored before sale, that was accessible to the public, the audit says.

Investigators also found several pallets of computers being prepared for sale that were marked with NASA Internet Protocol addresses, which the report said could help hackers gain access to the NASA internal computer network.

(Editing by Greg McCune)

 

S5 Box

Login Form

S5 Register

*
*
*
*
*

Fields marked with an asterisk (*) are required.