Mission critical servers at NASA, which are instrumental in controlling space crafts, are at risk from cyber attacks, a report has found.
According to an official audit conducted by the Office of the Inspector General (OIG), the severs at NASA are riddled with security vulnerabilities that could allow hackers to launch defacement attacks, denial of service attacks or information stealing attacks.
The audit also discovered six IT systems that contained critical vulnerabilities that could be exploited by hackers to gain remote control of the systems. These six unnamed IT systems handle some of the most critical operations at NASA.
“Specifically, six computer servers associated with IT assets that control spacecraft and contain critical data had vulnerabilities that would allow a remote attacker to take control of or render them unavailable,” the report read.
Researchers testing NASA systems also discovered that certain vulnerabilities in servers could expose encryption keys, encrypted passwords, and user account information to potential attackers.
“These data are sensitive and provide attackers additional ways to gain unauthorized access to NASA networks,” it was concluded.
NASA has since claimed to have patched all the vulnerabilities that were discovered during the audit and promised to revamp its IT security policies.