Page 1 of 1
Computer virus reaches space
Posted: 2008-08-27 12:53pm
by Bounty
"...one giant leap for malwarekind"
A computer virus is alive and well on the International Space Station (ISS).
Nasa has confirmed that laptops carried to the ISS in July were infected with a virus known as Gammima.AG.
The worm was first detected on Earth in August 2007 and lurks on infected machines waiting to steal login names for popular online games.
Nasa said it was not the first time computer viruses had travelled into space and it was investigating how the machines were infected.
Orbital outbreak
Space news website SpaceRef broke the story about the virus on the laptops that astronauts took to the ISS.
Nasa told SpaceRef that no command or control systems of the ISS were at risk from the malicious program.
The laptops infected with the virus were used to run nutritional programs and let the astronauts periodically send e-mail back to Earth.
The laptops carried by astronauts reportedly do not have any anti-virus software on them to prevent infection.
Once it has scooped up passwords and login names the Gammima.AG worm virus tries to send them back to a central server. It targets a total of 10 games most of which are popular in the Far East such as Maple Story, HuangYi Online and Talesweaver.
Nasa is working with partners on the ISS to find out how the virus got on to the laptop in the first place.
The ISS has no direct net connection and all data traffic travelling from the ground to the spacecraft is scanned before being transmitted.
It is thought that the virus might have travelled via a flash or USB drive owned by an astronaut and taken into space.
The space agency also plans to put in place security systems to stop such incidents happening in the future.
Nasa told Wired News that viruses had infected laptops taken to the ISS on several occasions but the outbreaks always only been a "nuisance".
This is why you don't trust other people's USB dongles in your PC.
Posted: 2008-08-27 01:27pm
by RogueIce
What is it with the BBC selectively not capitalizing certain acronyms? First NATO and now NASA. Is it some kind of weird British English thing?
Posted: 2008-08-27 01:43pm
by Azazal
NASA said it was not the first time computer viruses had traveled into space and it was investigating how the machines were infected.
Ok this part makes sense, PC get infected all the time, but to follow up with
The laptops carried by astronauts reportedly do not have any anti-virus software on them to prevent infection.
NASA, it's basic PC security not rocket science. Come on now, AVG is free, is that too hard to set-up?
Posted: 2008-08-27 01:51pm
by Bounty
What is it with the BBC selectively not capitalizing certain acronyms? First NATO and now NASA. Is it some kind of weird British English thing?
That's standard Commonwealth spelling.
NASA, it's basic PC security not rocket science. Come on now, AVG is free, is that too hard to set-up?
If these laptops can only communicate through NASA, and NASA itself has decent security, then it does make sense not to install AV's on them that might carry an infection themselves; however, in that case they shouldn't allow unscanned USB drives or discs to be used.
Posted: 2008-08-27 03:46pm
by Pu-239
AVG is only free for personal use.
Posted: 2008-08-27 05:05pm
by Natorgator
Obviously this was the work of a skilled computer hacker in order to shut down the ISS's shields.
Posted: 2008-08-27 08:15pm
by GrandMasterTerwynn
Azazal wrote:The laptops carried by astronauts reportedly do not have any anti-virus software on them to prevent infection.
:shock:
NASA, it's basic PC security not rocket science. Come on now, AVG is free, is that too hard to set-up?
In more than a few government and large corporate IT systems, you can only have approved hardware running a set of approved software applications. In some cases, for optimal system stability and security (or to maintain an approved configuration for such and such an environment,) installing outside/unapproved software, or software updates beyond the base configuration, is strictly forbidden. Antivirus software, to be most effective, must be updated regularly, and thus violates the aforementioned paradigm. And since these systems sit on secure networks and have minimal exposure to the outside world, it typically doesn't make sense to install antivirus software on them.
Posted: 2008-08-28 08:49am
by Edi
RogueIce wrote:What is it with the BBC selectively not capitalizing certain acronyms? First NATO and now NASA. Is it some kind of weird British English thing?
It's what often happens when something transforms from an acronym to a proper word on its own due to popularity of usage and propensity for being spelled like a proper word. We don't spell 'laser' as 'LASER' anymore, even though it is an acronym originally.
Posted: 2008-08-28 09:12am
by Azazal
GrandMasterTerwynn wrote:Azazal wrote:The laptops carried by astronauts reportedly do not have any anti-virus software on them to prevent infection.
NASA, it's basic PC security not rocket science. Come on now, AVG is free, is that too hard to set-up?
In more than a few government and large corporate IT systems, you can only have approved hardware running a set of approved software applications. In some cases, for optimal system stability and security (or to maintain an approved configuration for such and such an environment,) installing outside/unapproved software, or software updates beyond the base configuration, is strictly forbidden. Antivirus software, to be most effective, must be updated regularly, and thus violates the aforementioned paradigm. And since these systems sit on secure networks and have minimal exposure to the outside world, it typically doesn't make sense to install antivirus software on them.
Jeez you people are too literal, the part for AVG was as a joke response, but the fact that the OP stated that systems have be infected in the past shows that this is not a one time instance. obviously these systems are being exposed to outside influences in some form or another, whether it's a dirty thumb drive or some one taking the laptop to Starbucks and surfing for porn, they are being infected. How hard is it to install an anti-virus app, and then update it before the crew takes the laptop with them, or scan thumb drives before they are cleared to be used on NASA systems?
Posted: 2008-08-28 01:49pm
by The Yosemite Bear
Well it's not a serious threat until someone gets control of the orbital Ion cannon controls, and melts the kremlin or the pentagon....
ok, that's a bad command and conquer refrence, not a suggestion of anything that might happen because of this shit. but guys if you are reading this and you probably are, get some decent firewalls, please?
Posted: 2008-08-30 02:14am
by Spyder
GrandMasterTerwynn wrote:Azazal wrote:The laptops carried by astronauts reportedly do not have any anti-virus software on them to prevent infection.
NASA, it's basic PC security not rocket science. Come on now, AVG is free, is that too hard to set-up?
In more than a few government and large corporate IT systems, you can only have approved hardware running a set of approved software applications. In some cases, for optimal system stability and security (or to maintain an approved configuration for such and such an environment,) installing outside/unapproved software, or software updates beyond the base configuration, is strictly forbidden. Antivirus software, to be most effective, must be updated regularly, and thus violates the aforementioned paradigm. And since these systems sit on secure networks and have minimal exposure to the outside world, it typically doesn't make sense to install antivirus software on them.
Eh? I've worked on a number of large scale networks and they've all had anti-virus software installed on the workstations. It's just software that gets packaged and pushed out the same way all the other approved apps get deployed. With corporate anti-virus there's usually a server the machines all connect to for updates and reporting information.
Viruses don't need to go through a gateway to get into a network. Not having AV on the workstations is just lunacy. One breach and suddenly you've got thousands of PCs that need to be reimaged because someone thought deploying antivirus would be too hard.