After the recent laptop and document theft from its premises, NASA has ordered a policy to ensure encryption on all its laptops. The said machine was stolen from a locked vehicle of one of its employees at NASA headquarters in Washington DC. Following the incident the agency has forbidden staff from removing NASA-issued laptops containing “sensitive personally identifiable information” from its facilities.
What’s worrying NASA is that though machine was password protected, but the information might still be accessible to hackers as it was not encrypted.
“All employees should be aware of any phone calls, emails, and other communications from individuals claiming to be from Nasa or other official sources that ask for personal information or verification of it,” an agency-wide email published by news site Spaceref stated.
“Because of the amount of information that must be reviewed and validated electronically and manually, it may take up to 60 days for all individuals impacted by this breach to be identified and contacted.”
Taking an action on the same, Nasa’s chief information officer, Linda Cureton issued an encryption order, and instructed that the employees should not store sensitive data on mobile phones, tablets and other portable devices.
But this is not the first time that NASA faced data risk as last year, some Chinese hackers took control of networks at NASA’s Jet Propulsion Laboratory. The hackers were able to install malware, delete or steal sensitive data, and hijack the accounts of users in order to gain their privileged access.