Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Romanian Accused of Breaking Into NASA

Unknown Lamer posted more than 2 years ago | from the zero-cool-strikes-again dept.

Security 169

alphadogg writes "Romanian authorities have arrested a 26-year old hacker who is accused of breaking into multiple NASA servers and causing $500,000 in damages to the U.S. space agency's systems. Robert Butyka, 26, was arrested on Tuesday in Western Romania following an investigation by the Romanian Directorate for Investigating Organized Crime and Terrorism. According to local reports, the hacker used the online moniker of 'Iceman.' He does not have a higher education or an occupation, a DIICOT spokeswoman said."

cancel ×

169 comments

In soviet russia ... (0)

Anonymous Coward | more than 2 years ago | (#38073416)

NASA hacks you ...

Bill Gates (0)

Anonymous Coward | more than 2 years ago | (#38073442)

I remember when Gates wrote that he used to do the same thing as a teenager, hack into corporate computer centers via a dialup connection and try to crash their systems (which he bragged he succeeded in doing more than once). And of course Steve Jobs was a phone phreak.

Re:Bill Gates (2)

Kraftwerk (629978) | more than 2 years ago | (#38073726)

Woz was the phreak, Jobs may have been around but I don't think it was his cup of tea.

Re:Bill Gates (3, Informative)

Anonymous Coward | more than 2 years ago | (#38073774)

Woz was the phone phreak, true. Jobs was the one who wanted to commercialize the device to do the phreaking. Woz was one guy making free calls. Jobs wanted to make money off of selling "free call devices" to others.

Re:Bill Gates (1)

Kraftwerk (629978) | more than 2 years ago | (#38073822)

As punishment, they should have this young man sit down to a meal masticated by John Draper.

Re:Bill Gates (1)

Riceballsan (816702) | more than 2 years ago | (#38073728)

Well that case, it even is still directly doing damage (crashing the server, downtime = lost sales/productivity). Compared to several other hackers that get in comparable trouble for literally just connecting and reading the content. Companies/government tend to want to hold the hackers liable when they connect/access, without actually causing any downtime. Time spent applying security updates for a flaw that should have been fixed before, is not downtime caused by the hacker that is downtime caused by the security team not having done it right the first time. Unless trade secretes were sold to a competitor, or downtime/data loss was caused, there are no "damages". In the same way that trespassing is not by definition theft.

Re:Bill Gates (2)

ackthpt (218170) | more than 2 years ago | (#38074354)

Well that case, it even is still directly doing damage (crashing the server, downtime = lost sales/productivity). Compared to several other hackers that get in comparable trouble for literally just connecting and reading the content. Companies/government tend to want to hold the hackers liable when they connect/access, without actually causing any downtime. Time spent applying security updates for a flaw that should have been fixed before, is not downtime caused by the hacker that is downtime caused by the security team not having done it right the first time. Unless trade secretes were sold to a competitor, or downtime/data loss was caused, there are no "damages". In the same way that trespassing is not by definition theft.

I took over security when I started my first job as a programmer. I already had tried out code for various spoofs and what not. Never did anything nefarious with it (the worst thing I did was bring one system to its knees with a program to compute pi to some large number of places) I knew the weaknesses (those idiots in Milwaukee were only using standard passwords on DEC systems used by Field Service .. password to [1,2] was SYSTEM, password to [1,1] was DECSER or DEC[Month abbreviation]) I developed honey pots and left them around the system where people could find them. Great way to alert me what people were up to. I key scanned and logged everything of known miscreants and methods. It was fun, but too easy. Most attackers were of limited education and vision. Breaking into a system to crash it was idiotic. Breaking into a system to learn was what separated the men from the boys.

Re:Bill Gates (0)

Anonymous Coward | more than 2 years ago | (#38074706)

Breaking into a system to crash it was idiotic. Breaking into a system to learn was what separated the men from the boys.

When I took over the company web site in 1996 I found that the server had been hacked and was being used by the Tamil Tigers to post to Usenet without revealing their true IP. So that's another reason.

Re:Bill Gates (2)

SuricouRaven (1897204) | more than 2 years ago | (#38073830)

Common, I'd imagine. A hacker has to hack - if someone of technological talent isn't directed into a productive use of their skill, they'll likely end up using it to play around just because it's fun. I know when I was a pupil in school I used to frequently hack their primative network security, and had much fun in the dialup days port scanning and poking at whatever I found. A lot of experts today probably got started with some explorations of dubious legality.

Education (-1)

Anonymous Coward | more than 2 years ago | (#38073456)

Well he had enough education to hack your shit.......

Perhaps you're not all as smart as you think because you sat through some classes and regurgitated some shit.

(successful six figure earning high school drop out)

I refused to let my schooling interfere with my education.

Re:Education (5, Insightful)

ByOhTek (1181381) | more than 2 years ago | (#38073540)

How much you make doesn't indicate how much you know.

I have a friend who is a complete idiot in the functional aspect of doing his job, lacking the background education, but he's good with people and instead delegates most of the functional work to others (basically acting like a manager, though he isn't), and makes a huge salary.

And I've another friend, who also lacks the background education, but is very competent, and makes a huge salary.

i.e. Salary does not indicate competence and qualification, sadly this seems to be especially true when you get to managerial and executive level positions, which half the time simply need a warm body to fill a chair and occasionally point in a (hopefully good) direction.

Likewise, Education (or lack thereof) does not indicate competence or qualification.

In general there are trends towards better education meaning more competence, and more competence correlating to higher salary, but they are by no means tight or without exception.

Re:Education (4, Funny)

trum4n (982031) | more than 2 years ago | (#38073662)

Being smart and poor ain't something to brag about. I'd know.

Re:Education (5, Insightful)

0-until-pink (202599) | more than 2 years ago | (#38074390)

This reminds me of the Kurt Vonnegut bit in Slaughterhouse Five about Americans attitude towards esteem and money.

"America is the wealthiest nation on Earth, but its people are mainly poor, and poor Americans are urged to hate themselves. To quote the American humorist Kin Hubbard, “It ain’t no disgrace to be poor, but it might as well be.” It is in fact a crime for an American to be poor, even though America is a nation of poor. Every other nation has folk traditions of men who were poor but extremely wise and virtuous, and therefore more estimable than anyone with power and gold. No such tales are told by the American poor. They mock themselves and glorify their betters. The meanest eating or drinking establishment, owned by a man who is himself poor, is very likely to have a sign on its wall asking this cruel question: “if you’re so smart, why ain’t you rich?” There will also be an American flag no larger than a child’s hand – glued to a lollipop stick and flying from the cash register."

Re:Education (2)

trum4n (982031) | more than 2 years ago | (#38074540)

When I'm a full time project engineer and can't afford to move out of my mom's basement, It's pretty bad. Renting an apartment costs nearly twice what a house costs to buy, per month. And because i have student loans, my credit is so bad i cant get a mortgage, despite having perfect credit otherwise. Being poor sucks.

Re:Education (1)

ackthpt (218170) | more than 2 years ago | (#38074414)

Being smart and poor ain't something to brag about. I'd know.

Ruthless people make the money. Intelligent and ruthless people keep it

Re:Education (2)

trum4n (982031) | more than 2 years ago | (#38074580)

I've noticed. I'm wondering why i obey laws at all. I'm about to just file a patent for "the use of a road with wheels somehow involved" and bribe the patent office. Then ill just sue everyone. Seems to work for apple, ibm, microsoft, and trolls everywhere.

Re:Education (1)

roman_mir (125474) | more than 2 years ago | (#38073862)

It's universal that majority of people who make the most money in the world are the most connected people in the world.

The way to be the most connected is either by being born into the right family or by attending the right schools (which is similar to being born into the right family). It's good to become a member of some exclusive elite club while at school [youtube.com] .

OTOH it's possible to make a lot of money while not having almost any formal education (Steve Jobs or what's his name Zuckerberg).

Re:Education (1)

roman_mir (125474) | more than 2 years ago | (#38073896)

Re:Education (0)

roman_mir (125474) | more than 2 years ago | (#38073922)

(looks like his agents have preemptively modified my previous comment, so it wouldn't link to the story correctly. I am taking another risk here, I don't particularly enjoy polonium 210).
--

Oh, also it's good to be a KGB agent and to be in the right place at the right time in history and to be absolutely willing and able to deal with the most shady elements of society to bring any attempt at a democracy to its knees. [telegraph.co.uk]

It helps when you are a dictator, you can steal a lot of money, especially if the country is resource rich.

Re:Education (1)

dkleinsc (563838) | more than 2 years ago | (#38073932)

How much you make doesn't indicate how much you know.

Sure it does, just not in the way you expect: Power = Work / Time. Knowledge=Power. Time=Money. Thus Money = Work / Knowledge. QED.

Re:Education (0)

ByOhTek (1181381) | more than 2 years ago | (#38074286)

Hmmm.

I believe it was Forbes that said the average CEO worked about 80 hours a year on the position (not counting schmoozing events).

That must mean these people are real vegetables to get so much money with so little work.

"Damn. I lost another chess match with that rutabaga, maybe I should just give up and compete against the celery instead."

Fry Him! (0)

Anonymous Coward | more than 2 years ago | (#38073464)

He's gonna get the chair... after all, it looks bad on us if an uneducated person from Romania can break into multiple "secure" Government systems.

Re:Fry Him! (1)

JonahsDad (1332091) | more than 2 years ago | (#38073814)

Well, either that or Facebook will hire him.

Pictures of his house during arrest (-1, Troll)

dev234 (2509370) | more than 2 years ago | (#38073474)

This is his picture [evenweb.com]

Re:Pictures of his house during arrest (-1)

Anonymous Coward | more than 2 years ago | (#38073496)

don't click that link

Re:Pictures of his house during arrest (2)

Rootkit (2355170) | more than 2 years ago | (#38073502)

Goatse, don't click.

Re:Pictures of his house during arrest (0)

Anonymous Coward | more than 2 years ago | (#38073524)

To late...

and the captcha word was "wisdom"...

Re:Pictures of his house during arrest (0)

Anonymous Coward | more than 2 years ago | (#38073558)

goatse... who the hell still does this.
Apparently there is a part of the world that just now starts receiving internet jokes from the last decade.

Re:Pictures of his house during arrest (2)

ByOhTek (1181381) | more than 2 years ago | (#38073644)

who the hell still falls for this? I just assume any link in the comments is to goatse...

Re:Pictures of his house during arrest (1)

Jeng (926980) | more than 2 years ago | (#38073934)

Any link that goes to evenweb.com is goatse.

Well, the most current links going to goatse over the past month or two have been from evenweb.com

Re:Pictures of his house during arrest (0)

Anonymous Coward | more than 2 years ago | (#38073638)

That's a thorough police search and no mistake.

whata mistakea to makea ... (1)

armandoxxx (2484940) | more than 2 years ago | (#38073504)

Well another government mistake ... just hire the guy as a security advisor ...

...not to endorse his actions (5, Insightful)

Anonymous Coward | more than 2 years ago | (#38073506)

...but why aren't IT admins being held accountable for the lax security on their servers? And no, I don't buy the "if I leave my door unlocked, it's not an invitation to break in", since it's a paid position. If a cop fails to prevent a crime due to neglicence, the city can be sued. Most of these break-ins are due to IT negligence, not hacker genius.

Re:...not to endorse his actions (3, Interesting)

bberens (965711) | more than 2 years ago | (#38073758)

Where do you live that a cop failing to prevent a crime can lead to the city getting sued?

Not in DC (5, Informative)

srussia (884021) | more than 2 years ago | (#38073940)

If a cop fails to prevent a crime due to neglicence, the city can be sued.

http://en.wikipedia.org/wiki/Warren_v._District_of_Columbia [wikipedia.org]

Re:Not in DC (0)

Anonymous Coward | more than 2 years ago | (#38074264)

That explains why DC is crime free...I know there was a good reason.

the boss/PHB needs to be accountable they control (0)

Anonymous Coward | more than 2 years ago | (#38073976)

the boss/PHB needs to be accountable they control funds.

It may be like the IT admin needs more man power / new software / severs and they can't get them. Or is NASA and you need LIKE A PHD just for help desk LEVEL 1

Re:...not to endorse his actions (1)

Anrego (830717) | more than 2 years ago | (#38074012)

Probably money.

As a programmer, while I like to think I'm diligent when it comes to security, if I could find myself in prison for introducing a security bug .. I'd be wanting a hell of a lot more money for accepting that risk.

Ultimately you'd probably just end up with the equivilant of medical malpractice insurance .. occasional screwups would be spread out and become a "cost of business", and we'd just be back to square one.

Re:...not to endorse his actions (3, Insightful)

timeOday (582209) | more than 2 years ago | (#38074032)

Most of these break-ins are due to IT negligence, not hacker genius.

I think negligence would be *very* hard to establish. First, most computer bugs, including vulnerabilities, are very obvious - in retrospect. Finding the needle in the haystack is easy after somebody points it out to you. That's entirely different than integrating hundreds of software components without creating any "obvious" holes.

Second, how many sysadmins are given all the resources they would like to do their jobs? Security is cost/benefit, like anything else, you devote enough resources to make the pain tolerable, and no more. That means most admins have far more responsibilities than they can cover 100%.

Re:...not to endorse his actions (3)

bws111 (1216812) | more than 2 years ago | (#38074164)

How do you know the admin was not held responsible? He could have been fired, demoted, etc.

If you mean why isn't the admin held responsible by the legal system, what law would allow him to be held responsible? IT admins are not sworn to duty (like police) or licensed (like professional engineers).

Your example of the city being sued does not work here. The person suing the city would be the person who was harmed by the negligence. Who, other than NASA, would have standing to sue in this case? Who would they sue, themselves?

Re:...not to endorse his actions (0)

Anonymous Coward | more than 2 years ago | (#38074386)

From my personal experience a lot of the time the IT admins are not given the budgets needed to implement all required security. The phrase "just make it work" gets thrown around a lot. All the while expecting it to be done in a fraction of the time it would take under normal circumstances. Let alone after half the department has been laid off.

Your kidding right, they're the government (1)

Shivetya (243324) | more than 2 years ago | (#38074460)

We have the head the of SEC replying when asked "why can't we fire failed regulators" respond by saying that that would harm the agency.

http://www.washingtonpost.com/business/economy/seven-sec-employees-disciplined-on-failure-to-stop-madoff-fraud/2011/11/10/gIQA3kYYCN_story.html [washingtonpost.com]

We just had a recent story about how the IRS can't get its act together and I betcha they are not in worry about losing their jobs. We have more government workers making over 100k a year and 900+ over 170k a year. Do you think any are truly accountable now?

We are Greece, we just fail to admit it. When one in seven works for a government agency I think it is a clue. Protect your own is their motto.

Re:...not to endorse his actions (0)

Anonymous Coward | more than 2 years ago | (#38074840)

If a cop fails to prevent a crime due to neglicence

Don't don't fail to "prevent crime." They only deal with crime AFTER it happens. Furthermore, cops have absolutely no legal obligation to prevent crime nor are the obligated to save you from anything if its a question of their own safety.

Damages (3, Interesting)

AdamJS (2466928) | more than 2 years ago | (#38073518)

I'm betting the damages are formulated entirely from the cost of them having to do PR (they got hacked by a NEET after all) and 'fix' the security hole (because face it, they'll probably introduce 10 more flaws when fixing one).

Re:Damages (1)

HopefulIntern (1759406) | more than 2 years ago | (#38073608)

I was just about to ask, how do you quantify "damage" within software (or otherwise intangible things), when I guess what they mean is reputation damage.

Re:Damages (4, Insightful)

bberens (965711) | more than 2 years ago | (#38073776)

You get a few senior level IT people in a room and a single meeting can easily cost $1k. Total time to figure out what happened, track the guy down, etc. could easily cost $500k.

Re:Damages (0)

Anonymous Coward | more than 2 years ago | (#38074440)

This.... this is exactly what many middle managers don't get! e.g. "lets have an hour meeting with a dozen developers" actually *does* cost the company about a thousand dollars of usually non-revenue generating activity.

Once we had a company-wide get-together, that cost ~$60k to book (rent out a hotel, and a buncha conference rooms for two days). When someone brought up that "this is a lot of money to spend on two days"... it was quickly pointed out that the company is actually spending 20x as much on the salaries of all the people who are there...

Re:Damages (1)

DigiShaman (671371) | more than 2 years ago | (#38075056)

Meetings are important so long as they help set the agenda and ensure everyone attending is on the same page with regards to workflow and trending issues seen out in the field (campus). Simply put, it's about collaboration in areas that are meaningful and constructive.

Now, 60k for a one-time meeting in meat-space is a waste of money IMHO. In a scenario where you have managers in multiple locations, it would server better to have many reoccurring scheduled teleconferences vs. one rare expensive meeting.

Re:Damages (2, Informative)

Anonymous Coward | more than 2 years ago | (#38074684)

As someone who worked at NASA during a hacker break-in, I am frankly surprised that the damages are that small. All of the machines were taken offline for a couple of days. All of the IT people worked round the clock to restore the servers to a previous state and try and fix the exploit. All kinds of onerous policies for the users are put in place that lasted for a month. Several new onerous policies persisted longer. Work productivity was definitely lost by all of the users (scientists) of all of the computer systems. Accusing the IT folks of being lapse is totally ignorant as well. Some of the finest IT people work for NASA. NASA's problem instead is the rule from the top. Administrators with basically no science or IT experience enact policies that those people need to follow which are stupid. Many of the IT people know it but they are stuck with the administrators' or even government mandates as to how these systems need to be operated. I remember several of the IT people during the incident that occurred while I was there complaining that they were not as yet allowed to move the systems into virtualization where far less damage occurs with exploits.

Re:Damages (0)

Anonymous Coward | more than 2 years ago | (#38074768)

NEET -> status zero
iceman -> sub zero

http://en.wikipedia.org/wiki/NEET

How much? (2)

Coisiche (2000870) | more than 2 years ago | (#38073538)

I can maybe understand if a figure like that is reached via physical proximity and a sledgehammer.

But an unauthorised intrusion?

Even a complete restore from backup can't possibly cost that much in lost time for employees.

Re:How much? (1)

jackbird (721605) | more than 2 years ago | (#38073586)

I could see the audit process to determine what, if anything, was downloaded/altered costing a pretty good chunk of that. Especially when you start getting lawyers involved over possible ITAR issues if someone on the inside was negligent or actively aiding the intrusion.

Re:How much? (3, Insightful)

moogied (1175879) | more than 2 years ago | (#38073724)

Its not just a restore. There was an investigation, then an audit process for the proposed change, then you have the CAB meetings, the testing in dev, then in stage, then finally the push to production environment. Then you have possible hardware changes(depending on mode of access), and additionally you need to sanitize the environment to be 100% sure nothing was left behind. Thats easily a few hundred man hours . 500k may be a tad high(depending on a lot of things), but its not unreasonable.

Re:How much? (1)

gl4ss (559668) | more than 2 years ago | (#38074026)

actually all that work would have been necessary regardless of the intrusion.

Re:How much? (1)

gl4ss (559668) | more than 2 years ago | (#38073798)

the costs come from noticing and investigating.
in other words, there would have been no monetary damages if they hadn't pursued the culprit.

funny, eh? the damages are thus made up from thin air.

Re:How much? (0)

Anonymous Coward | more than 2 years ago | (#38074498)

Considering that my company is paying $1000/day for my services. Nasa has 18,000 employees. If you need to do a complete restore from backup, losing 2 days of work, then that alone would cost... $1000*2*18000=$36,000,000. So yes, it would be far in excess of $500k. More if you need to restore from further back depending on how quickly they were able to detect the intrusion, and confirm that no intrusions happened prior to 2 days ago.

No education or occupation (4, Insightful)

roman_mir (125474) | more than 2 years ago | (#38073550)

According to local reports, the hacker used the online moniker of "Iceman." He does not have a higher education or an occupation, a DIICOT spokeswoman said.

No education and no occupation, ha?

So who is working for NASA then, that this 'no-education and no-occupation' individual is able to break into their systems?

Butyka is accused of hacking into several NASA servers over a period of time that started on Dec. 12, 2010. The authorities claim that the hacker destroyed protected data and restricted access to it. The charges brought against Butyka include obtaining unauthorized access and causing severe disruptions to a computer system, modifying, damaging and restricting access to data without authorization and possession of hacking programs.

He possess hacking programs, that means he is a terrorist. What kind of 'severe disruptions' did he cause that cost 500,000 USD?

Romanian authorities have arrested a 26-year old hacker who is accused of breaking into multiple NASA servers and causing $500,000 in damages to the U.S. space agency's systems.

- this is a bunch of nonsense.

He cost an admin a few hours of time and maybe a reinstall and reconfigure. Even at 1000USD / hour no way somebody spent 500 hours on it (that's 20.8 24 hour days) or 12.5 40 hour weeks.

This is more government nonsense.

Re:No education or occupation (3, Interesting)

GameboyRMH (1153867) | more than 2 years ago | (#38073628)

Possession of "hacking programs" is a crime? I think all my computers except my gaming PC have "hacking programs" on them, good thing I don't travel to the states these days.

Re:No education or occupation (4, Funny)

roman_mir (125474) | more than 2 years ago | (#38073698)

well, he also owns a computer, this is almost a 100% indication that he is a pedophile-terrorist, or a pedo-rist.

This is what government is for - making sure that the right people are always punished for their transgressions. That's why Jon Corzine is in charge normally, of some government and/or economic function somehow and disgusting people like Ron Paul are blacked out by the media because they challenge the status-quo.

Also USA is sending troops to Australia [rt.com] . You know, in case pro-Chinese Kangaroos join Al-Qaeda.

Re:No education or occupation (2)

Pi1grim (1956208) | more than 2 years ago | (#38073828)

Now that I think of it, the government own quite a number of computers

Re:No education or occupation (1)

roman_mir (125474) | more than 2 years ago | (#38073968)

Yes, and I am sure that some of those computers will be "inadvertently" found to be in possession of some of those Australian kangaroos. And Ron Paul.

Re:No education or occupation (2)

TommyGunnRX (756664) | more than 2 years ago | (#38073762)

... good thing I don't travel to the states these days.

Not sure what the laws are in the 'states' regarding hacking programs, but the article clearly states he was arrested in Romania... Does this mean residents of Romania are restricted from accessing BackTrack and BackBox linux distros?

Re:No education or occupation (1)

nigral (914777) | more than 2 years ago | (#38074212)

good thing I don't travel to the states these days.

Does it sound like he did?

Re:No education or occupation (1)

Creepy (93888) | more than 2 years ago | (#38074902)

This easily falls under the CFAA [wikipedia.org] in the United States, but so does practically anything, like, say lying about your weight on a dating site (seriously - there was an article about it on the Register yesterday as of this writing). I'm sure hacking programs are also covered in an over broad way on that law.

And of course United States laws apply to everyone... but I can see Romanian authorities bowing to the whims of the United States - if the US has a friend in Europe, it is Romania. When I was there about the only anti-US thing I saw was a little kid with a CCCP T-shirt. Aside from that, I saw a lot of EU and US help, and well needed at that - the Soviet era road system was in a pretty bad state, and it was easy to tell the old trains from the new. Not sure how much has changed since then.

Re:No education or occupation (1)

sgt scrub (869860) | more than 2 years ago | (#38074998)

You have vi on all but one of your machines? You damned criminal types! :P

Re:No education or occupation (2)

Sarten-X (1102295) | more than 2 years ago | (#38073858)

Reinstalling and reconfiguring every system the hacker may have touched is impractical, and would take far more time than NASA can spare. Calling in auditors to make sure there were no rootkits, backdoors, or other bad stuff on any other systems is expensive. Deleting the results (and backups) of the latest experiments means months or years of work has to be redone.

$500,000 actually strikes me as a pretty reasonable estimate.

Re:No education or occupation (2)

roman_mir (125474) | more than 2 years ago | (#38074050)

That's just nonsense. A large organization can re-image large numbers of machines automatically, but more importantly is that in large organizations the Internet connection is normally done through one or a few systems, not every computer has its own external IP address and ports are restricted on the exit nodes. Watching and restricting the Internet-to-internal machine traffic on ports is part of what admins are for in the first place.

Fix the problem even if it means a reinstall of the exit nodes, patch the hole, change the passwords and keep watching the traffic, fixing whatever happens internally if it happens. But that's routine work for a network admin.

Re:No education or occupation (5, Informative)

Sarten-X (1102295) | more than 2 years ago | (#38074548)

I take it you've never actually worked on a high-security system. Here's what I remember of the procedure at the last high-security place I worked:

In the event that a machine (including a gateway) is compromised, any machine it can access is considered threatened, and must be thoroughly checked. No, NAT does not help, because once someone has control over the bridge, they can send data to any machine they want, even those without an external IP address. If any router, switch, or machine shows any slightly-suspicious activity (even as benign as an unscheduled database login), that machine gets an even more thorough examination to find out whether the activity was actually related to the hack, and what resources the hacker may have gained access to. If there's any indication that the hacker had shell access or retrieved data, the machine is considered compromised. If the machine stored any sensitive data, that data is reviewed to see if it could allow access to other systems (such as challenge questions & answers for resetting passwords). This investigation, which often involves the use of outside consultants (because there may have been inside help) continues throughout the whole network until the full extent of the breach is known. Being a government agency, the breach will likely involve a several-hundred-page report covering every detail. Somebody has to write that.

The cost is already in the hundreds of thousands of dollars, and only then can the repairs start. It's often not as simple as just restoring a backup, either. Sure, the operating system can usually be done quickly (including fixes for the responsible security holes), but if there's any indication of data being touched (which, in this case, there was), that has to be addressed, too. Backups are usually old. In an ideal world we'd be making hourly backups stored offsite in an everything-proof vault, but that's never really the case. If an admin's lucky, he has a backup that's less than a week old - or it was when the breach occurred. Somehow (best described as "magically"), the admin has to figure out what changes were intentional (like experiment results, or customer orders, or whatever) and what was the result of the breach, then piece together the data to get something reasonably complete and up-to-date. Finally, after days, weeks, or months of reconstruction (most vital systems first, of course), the system is declared clean. Until then, projects get postponed, and other employees are being paid to play solitaire until their real work can continue.

Then there's the "let's not do this again" phase, where employees change passwords, get lectured on security practices, sit through seminars on how to properly encrypt data, and so forth, all of which costs even more money. There's probably still an ongoing investigation as to whether anyone inside the organization helped the hacker, likely being run by consultants.

Then there's the damages caused by any delays, which may involve contractual obligations. That's more money.

It's not as simple as just re-imaging and assuming that everything's fine. Sure, that works on workstations, but it's unlikely that a workstation was all that was damaged. Once a server gets touched, the costs rise dramatically.

Re:No education or occupation (0)

roman_mir (125474) | more than 2 years ago | (#38074864)

More nonsense. This is not CIA, it's NASA. Yes, I worked in banks and telcos, and sometimes viruses were found in the systems (email is the usual culprit, or maybe somebody's flash card or some disk). Normally the the work stations are NOT re-imaged or anything, but they can be cleaned by an admin, either over the network or even coming physically to a machine with a piece of software.

All this other stuff, the gateway, the routers, the servers, etc.etc., it's all admin's responsibility on day to day basis, and it's just BS that all machines become magically compromised just because somebody penetrated an Internet facing server. Sure, you can't be totally certain, but it's an internal network. Fix the gateway and watch the traffic inside.

All these numbers (500K) are artificial nonsense.

Re:No education or occupation (3, Insightful)

timeOday (582209) | more than 2 years ago | (#38074066)

So who is working for NASA then, that this 'no-education and no-occupation' individual is able to break into their systems?

So anybody who can smash a car window and steal a stereo is smarter than the guys who design cars? That is not a logical conclusion.

Re:No education or occupation (1)

roman_mir (125474) | more than 2 years ago | (#38074106)

If that's your metaphor for an unpatched system or a system with some weak passwords in it, then I can't help you.

The work of an admin is not to leave an 'unsecured car' without supervision. If the 'windows can be smashed', it means the admin is not doing his job.

Actually it's more like having a tank with a hutch opened, and somebody throwing a hand grenade into it.

Re:No education or occupation (1)

Hentes (2461350) | more than 2 years ago | (#38074236)

No education and no occupation, ha?

So who is working for NASA then, that this 'no-education and no-occupation' individual is able to break into their systems?

This is Eastern Europe. He might have a job and just evading taxes.

Re:No education or occupation (1)

roman_mir (125474) | more than 2 years ago | (#38074262)

Evading taxes? Oh crap, don't tell that to the prosecutors. Like the guy doesn't have enough problems on his plate already. Shush.

No different than (1)

future assassin (639396) | more than 2 years ago | (#38074438)

the DEA stating that each cannabis plant is equal to a lb of weed, Sure its possbile if you grew it outdoors in Calfornia but 99% of the time people get no where near that. With big plants (6 week veg) they might get 4oz dry off each plant.

Re:No education or occupation (0)

Anonymous Coward | more than 2 years ago | (#38074488)

He possess hacking programs, that means he is a terrorist. What kind of 'severe disruptions' did he cause that cost 500,000 USD?

Romanian authorities have arrested a 26-year old hacker who is accused of breaking into multiple NASA servers and causing $500,000 in damages to the U.S. space agency's systems.

- this is a bunch of nonsense.

He cost an admin a few hours of time and maybe a reinstall and reconfigure. Even at 1000USD / hour no way somebody spent 500 hours on it (that's 20.8 24 hour days) or 12.5 40 hour weeks.

This is more government nonsense.

No, the real cost is that their systems needed to have their security upgraded to where they should have been in the first place.

Re:No education or occupation (1)

cachimaster (127194) | more than 2 years ago | (#38074866)

No education and no occupation, ha?
So who is working for NASA then, that this 'no-education and no-occupation' individual is able to break into their systems?

A virus can break into your huge, complex and perfectly evolved human immune system, while being the simplest lifeform.

Defending is a much harder problem than attacking.

Re:No education or occupation (1)

roman_mir (125474) | more than 2 years ago | (#38074920)

A virus can break into your huge, complex and perfectly evolved human immune system, while being the simplest lifeform.

- I don't think viruses are 'simplest lifeforms' or even 'lifeforms', and I certainly don't think that I have an immune system that is that perfect at all. It's not that wonderful and also if it's not a virus but a brick thrown into the head, then it's pretty much useless!

Re:No education or occupation (1)

sgt scrub (869860) | more than 2 years ago | (#38074984)

So who is working for NASA then, that this 'no-education and no-occupation' individual is able to break into their systems?

So who was working for NASA then, that this 'no-education and no-occupation' individual is able to break into their systems? FTFY

What kind of 'severe disruptions' did he cause that cost 500,000 USD?

It costs money to replace your entire IT department.

Re:No education or occupation (1)

roman_mir (125474) | more than 2 years ago | (#38075062)

so your contention is that NASA's IT dep't must be fired?

Aren't you this [slashdot.org] guy [slashdot.org] ? You didn't answer [slashdot.org] the question [slashdot.org] yet.

For a guy who is for burning people if they don't hire some folks above the rate, that would make them actually profitable to a company, you are quick to assume people should be fired for whatever mistake. Interesting.

Pictures of the arrest (-1, Troll)

dev235 (2509376) | more than 2 years ago | (#38073556)

This is his picture [evenweb.com]

Re:Pictures of the arrest (0)

GameboyRMH (1153867) | more than 2 years ago | (#38073612)

Anyone who clicks on these deserves it. Lazy fucker's using a URL that trolls have been using for at least a year now.

Re:Pictures of the arrest (1)

roman_mir (125474) | more than 2 years ago | (#38073616)

by the way, based on the previous thread with this same user under dev235 [slashdot.org] , I am just going to assume that the picture he links to is goat love, so unless you are into that kind of shit, you may want to abstain from going there.

Re:Pictures of the arrest (1)

Jeng (926980) | more than 2 years ago | (#38073978)

Any time it is evenweb.com it is goatse, he uses many different accounts, but only one domain.

Alien Secret Documents (0)

Anonymous Coward | more than 2 years ago | (#38073580)

...OK, but did he get to the Secret Documents about the Aliens?

Re:Alien Secret Documents (2)

sizzzzlerz (714878) | more than 2 years ago | (#38073610)

Or those classified documents of how they faked the moon landings?

The United Federation of Planets must know! (2)

sl4shd0rk (755837) | more than 2 years ago | (#38073584)

They are evidently no longer basing operations within the Beta Quadrant!

Pictures of the arrest (-1, Troll)

dev236 (2509380) | more than 2 years ago | (#38073626)

This is his picture [evenweb.com]

Re:Pictures of the arrest (0)

roman_mir (125474) | more than 2 years ago | (#38073734)

The above user loves goats.

So NASA was p0wned by a newb? (1)

Anonymous Coward | more than 2 years ago | (#38073712)

I bet the embarrassment alone was worth $500K and then some.

When this happens... (0)

Anonymous Coward | more than 2 years ago | (#38073718)

You wonder why your security was bad enough that that guy got through it.

$500,000? (2)

JustAnotherIdiot (1980292) | more than 2 years ago | (#38073876)

This number bothers me, and I find it hard to believe.
Even more so because TFA doesn't ever mention /what/ it was he did.
Sure, he broke in, but what did he do with that access?
Delete files? Rename them? Rearrange them? Simply just shut the servers down? Perhaps a virus or two?
All I can think of that should be possible remotely would just cause an IT admin a headache for a few hours while he fixed the damages.
Unless he found the "self destruct" button, and now NASA is without any equipment.

Re:$500,000? (1)

GodfatherofSoul (174979) | more than 2 years ago | (#38074040)

I'm guessing you're a hacker apologist? After an intrusion there are resources that have to be redirected to find out what access the intruder got; there's downtime hardware, there's the cost of the investigation e.g. flying inspectors out to Romania if needed.

No harm-no foul rules only count on non-critical systems. Most admins don't take intrusions as an "academic act of altruism granted to them by white hats."

Re:$500,000? (1)

JustAnotherIdiot (1980292) | more than 2 years ago | (#38074110)

Not in the slightest. I was questioning the number, not his punishment.

Re:$500,000? (1)

Anonymous Coward | more than 2 years ago | (#38074220)

So why are not the people who's application had the hole he used not responsible at all.
I bet there would be a lot fewer holes to exploit.
And with all the billion NASA has or can earn if they wont stand behind a NASA used application then NASA should write it themselves. Not let something that critical connect to a public network.
Not spend my tax dollar finding some guy with no education in Romania how much do you think that cost.

wich one? (0)

Anonymous Coward | more than 2 years ago | (#38074306)

is he like val kilmer, ( iceman in topgun ) or did he watch to much '84 movies (there's even a new one coming out soon)
but if he named himself after the iceman (val kilmer in topgun), i'd have a hard time calling the dude a terrorist....
anyhow, if it's only a scriptkiddy (26 is a bit old for that, but then... it's only a term), nasa should be looking at themselves before whoopin his scrony little ass with words like terrorist...

Top Gun References Abound.... (0)

Anonymous Coward | more than 2 years ago | (#38074340)

I feel the need ... the need for speed....

Talk to me Goose.....

You are writing checks your body can't cash!!!

this aFP for GNAA? (-1)

Anonymous Coward | more than 2 years ago | (#38074476)

ONES IN SOFTWARE a fact: FrreBSD ass of them all, you all is to let 3orporations Chronic abuse of Work that you Fact: *BSD is dying from the FreeBSD market share. Red

Re:this aFP for GNAA? (1)

Sarten-X (1102295) | more than 2 years ago | (#38074730)

Gesundheit.

Tmaco (-1)

Anonymous Coward | more than 2 years ago | (#38074880)

the project to a fact: FreeBSD 4ppeared...Saying

Romanian Accused of Breaking Into NASA (1)

roman_mir (125474) | more than 2 years ago | (#38074976)

I see his problem.

He should have just asked nicely, wouldn't have to break in.

OTOH he IS Romanian... so. that too. Maybe if he was Jamie Dimon then he could just say: well, some money did disappear, but then again, I am just a CEO. What do I know?

Then NASA, CIA and FBI and Fed would just give him a bunch of money and let him continue doing what he does....

But this guy is a nobody, that's his real problem.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...