Malware infects space station laptops
Not the first time, says NASA; astronauts load up Norton AntiVirus
Computerworld - Malware has managed to get off the planet and onto the International Space Station (ISS), NASA confirmed today. And it's not the first time that a worm or virus has stowed away on a trip into orbit.
The attack code, which space news site SpaceRef.com identified Monday as "W32.Gammima.AG," infected at least one of the laptops used on the station, an international effort headlined by the U.S. and Russia.
National Aeronautics and Space Administration spokesman Kelly Humphries declined to identify the malware, saying only that antivirus software detected a worm on July 25.
The first public report of malware about the ISS was logged on Aug. 14. In NASA's daily status report on the station, the agency said that Sergey Volkov, the ISS commander, was "working on the Russian RSS-2 laptop" and "ran digital photo flash cards from stowage through a virus check with the Norton AntiVirus application."
A week later, on Aug. 21, Volkov "checked another Russian laptop, today RSK-1, for software virus by scanning its hard drives and a photo disk."
The next day, Volkov transmitted antivirus scanning results from the laptop to Earth, and U.S. astronaut Greg Chamitoff scanned another computer for possible infection. NASA also said in Friday's report that all laptops on board the ISS were being loaded with antivirus software.
"All A31p laptops onboard are currently being loaded with [the] latest [Norton AntiVirus] software and updated definition files for increased protection," said NASA.
W32.Gammima.AG -- the name that Symantec Corp., maker of Norton AntiVirus, gave the malware -- is a year-old Windows worm designed to steal information from players of 10 different online games, some of them specific to the Chinese market. Among the games: ZhengTu, HuangYi Online and Rohan.
The worm also plants a rootkit on the infected system and transmits hijacked data to a remote server.
Today, Humphries said that the worm poses no threat. "It was never a threat to any command-and-control or operations computer," he said. He refused to detail how the malware snuck aboard, citing "IT security issues," but other sources, including SpaceRef.com, speculated that it might have stowed away on a laptop or a flash card.
In fact, the Aug. 11 ISS log entry hinted at digital camera storage cards as a suspect.
"There have been other incidents," confirmed Humphries, who works at the Johnson Space Center in Houston. "I don't know when the first one was, but the station will have been in orbit for 10 years [come] November."
"If there is any good news at all, it's that the malware was designed to steal usernames and passwords from computer game players, not something that orbiting astronauts are likely to be spending a lot of time doing," said Graham Cluley, a senior technology consultant with Sophos PLC, in a post to that company's blog today. "After all, with a view like that, who needs to play the likes of World of Warcraft?"
Read more about Security in Computerworld's Security Topic Center.
- Troubleshooting Common Issues in VoIP Learn more about Voice over Internet Protocol (VoIP), including common VoIP metrics used, best practices in VoIP management and tips and tricks for...
- 2013 Network Management Software (NMS) Buyers Guide This white paper contains an independent comparison study of six different network management solutions and provides guidance on how you can choose the...
- Rightsizing Your Network Performance Management Solution: 4 Case Studies This white paper discusses challenges encountered as organizations search for the most cost-effective network performance management solution.
- Global Growing Pains: Tapping into B2B Integration Services to Overcome Global Expansion Challenges A recent survey by IDG Research explored both the challenges and pain points companies face when growing globally, as well as the capabilities...
- E-Signature RFP Checklist Webcast If your organization is looking to adopt e-signatures, you may be overwhelmed by the number of providers that offer seemingly similar solutions. How...
- Cloud and Collaboration: Driving Your Business Value Mission Critical Cloud from Peer 1 Hosting is enterprise-grade. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!