Autorun worm found on non-critical systems.
US space agency NASA has confirmed reports that laptops in use on the international space station have been found to have been infected with password-stealing malware.
The infected systems are said to be non-mission-critical and used by space station crew for email and recording data from ‘nutritional experiments’. According to NASA spokespeople, all systems are isolated from the web and all data must pass through supposedly secure indirect links. However, as the malware in question appears to be a worm which spreads via USB sticks, it seems likely that the infection was introduced in this manner, and that the systems had not had autorun disabled, a fairly basic security step. It is not clear whether the more vital computer systems on the station use the same tight isolation methods.
The infection was discovered during a ‘routine scan’ with
Symantec
‘s
Norton
product, and was apparently not the first such incident, hinting that resident scanning was not in use. Other systems are now having
Norton
installed on them.
Full details are at
Wired
here
or at
ITWire
here
.
Posted on 29 August 2008 by
Virus Bulletin
Leave a Reply