International Space Station Infected With Malware Carried By Russian Astronauts

← Back to Stories (view on slashdot.org)

International Space Station Infected With Malware Carried By Russian Astronauts

Posted by samzenpus on Monday November 11, 2013 @04:09AM from the click-here-if-you-want-air dept.

DavidGilbert99 writes "Nowhere is safe. Even in the cold expanse of space, computer malware manages to find a way. According to Russian security expert Eugene Kaspersky, the SCADA systems on board the International Space Station have been infected by malware which was carried into space on USB sticks by Russian astronauts."

37 of 226 comments (clear)

Min score:

Reason:

Sort:

Oh, the irony... by nospam007 · 2013-11-11 04:09 · Score: 4, Funny

Skynet transported into space by sneakernet.
1. Re:Oh, the irony... by girlintraining · 2013-11-11 04:47 · Score: 4, Interesting
  
  Skynet transported into space by sneakernet.
  More seriously... those SCADA systems control life support. That's a problem if you're one of those types of people that would rather go on sucking nitrogen/oxygen mixtures instead of vaccum up there. Now, I'm pretty sure that unlike in the movies there's no computer control that lets them just vent all the atmosphere into space in a few seconds, but if those systems were programmed to damage the ISS, it might force it to be abandoned. That would be bad.. especially if it de-orbited suddenly. That's a very, very big thing to be coming down to Earth, and it wouldn't break apart in a tight pattern either.
  
  --
  #fuckbeta #iamslashdot #dicemustdie
2. Re:Oh, the irony... by girlintraining · 2013-11-11 06:02 · Score: 3, Funny
  
  Okay that's going to cause some confusion, because in Soviet Russia, vacuum sucks you.
  That's nothing. In Soviet America internet browses you! And apparently Soviet Britain too, given the post earlier today. :\
  
  --
  #fuckbeta #iamslashdot #dicemustdie
3. Re:Oh, the irony... by girlintraining · 2013-11-11 06:09 · Score: 5, Informative
  
  Not subtle enough. All you really need to do is drop the O2 Concentration by 2-3 percent while allowing CO2 to increase. Astronauts then make mistake that
  Stop. Please. There are independently-alarmed sensors on the ISS in each compartment that check oxygen and Co2 levels, and there are emergency scrubbers present. All they need to do is go to the storage compartment, pull out the cylinder, twist, and let it float there. It will, via chemical reaction, eat up several days worth of Co2. And these people are given oxygen-deprivation training prior to assignment; They're professionals. They will realize the problem even without all those safeguards.
  The risk is not to the people, the risk is to the equipment -- those SCADA systems control much of the automated systems on board, including thrusters that control yaw, roll, solar panel angles, etc. If you fuck with those, you could, say, twist up the solar panels like a cork and snap lines. You could disable the stabilization gyros and send the thing into a spin. Or you could just disable them at a key moment and allow the ISS to hit space debris -- it needs to adjusts its orbit on an irregular basis for just this reason. Even just tilting it so it's broadside with the sun and then disabling everything would be enough to bring it down in a few months if control couldn't be re-established... difficult if the thrusters were set to a mode where they burn fuel off as fast as possible at opposing points across the central axis, for example.
  No country down here has the ability to rapidly build, assemble, transport, and launch, required repair supplies in time to salvage it if someone were to do this. The ISS would de-orbit. But the risk to the astronauts lives? Low. Risk of damage to property on the ground? Middleish; The world still is mostly ocean afterall.
  
  --
  #fuckbeta #iamslashdot #dicemustdie
4. Re: Oh, the irony... by roc97007 · 2013-11-11 06:12 · Score: 3, Informative
  
  It's the Fulton's Folly argument. They laughed at Fulton, and he was proven correct. They're laughing at me, therefore I will be proven to be correct.
  The people who make this argument don't seem to understand the basic flaw. Or, they hope their listeners won't.
  
  --
  Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
5. Re: Oh, the irony... by NemosomeN · 2013-11-11 06:16 · Score: 4, Insightful
  
  If a guy on the street was screaming that the NSA was tapping the phones of world leaders, we would have called him crazy. The fact that it later came out that the NSA was tapping the phones of world leaders doesn't retroactively make that person not crazy. Or was your point "Yes, I may be crazy, but sometimes crazy people are coincidentally correct!" I'm sure there are paranoid schizophrenic people that are right now being investigated by the FBI -- but they are still paranoid schizophrenic.
  
  --
  I hate grammar Nazi's.
6. Re:Oh, the irony... by Ioldanach · 2013-11-11 06:20 · Score: 4, Insightful
  
  The ISS is nothing more than a thinly veiled weapons platform cloaked as a space station. Rods from God is the ultimate weapon, inflicting nuclear scale devastation without the pesky fallout. Within our lifetimes expect to see an attack launched and the USA will claim that they had no part in it, when in reality they will be the instigating party with plausible deniability.
  Why would the Rods from God project require a manned platform? Especially an international crew that would be likely to discover the device and report it back to their own respective countries?
7. Re:Oh, the irony... by Bigbutt · 2013-11-11 06:23 · Score: 4, Informative
  
  Really, how do you know that? The article doesn't identify the malware.
  Kaspersky compares the situation to the Stuxnet virus where even without internet access, malware can infect systems but he has no apparent knowledge of the actual virus(s) that are on ISS.
  [John]
  
  --
  Shit better not happen!
8. Re:Oh, the irony... by imikem · 2013-11-11 06:31 · Score: 4, Funny
  
  Sure, go and inject reason and logic to a perfectly good paranoid rant. I hope you're proud of yourself.
  
  --
  Perscriptio in manibus tabellariorum est.
9. Re:Oh, the irony... by MachineShedFred · 2013-11-11 06:36 · Score: 5, Funny
  
  Wait, are you saying that a computer virus can't stop lithium hydroxide from chemically absorbing CO2?
  What a shitty virus.
  
  --
  Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
10. Re: Oh, the irony... by K.+S.+Kyosuke · 2013-11-11 07:24 · Score: 3, Insightful
  
  The claim that NSA was spying on everyone was believable. In fact, I had sort of expected that happening. On the other hand, the claim that these "rods from god" can violate fundamental laws of physics, including the law of conservation of energy, to achieve "nuclear scale devastation", smells not only of thinking patterns of a conspiracy theorist but rather of sheer lunacy (or lack of high school education, or both).
  
  --
  Ezekiel 23:20
11. Re:Oh, the irony... by Samantha+Wright · 2013-11-11 07:38 · Score: 3, Insightful
  
  When you see "Russian", "USB key", "malware" and "SCADA" in a sentence you should automatically think Stuxnet, which TFA talks about at length. Stuxnet, happily, only attacks centrifuges, and is generally very sophisticated about staying out of the way. The chances of any complications happening spontaneously are somewhere between "Hollywood movie plot" and "political promise."
  
  --
  Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
12. Re:Oh, the irony... by drcheap · 2013-11-11 10:58 · Score: 3, Funny
  
  "...where even without internet access, malware can infect systems..."
  What a preposterous thought! There is absolutely no way a virus could spread to other computers without ... The Internet!
Linux... by ZiakII · 2013-11-11 04:11 · Score: 5, Insightful

From the article As these systems are based on Linux, they are open to infection.

What system is not open to infection...
1. Re:Linux... by dukeblue219 · 2013-11-11 04:16 · Score: 5, Insightful
  
  To geeks it sounds like an uninformed attack on linux's security, but I think what the author means to say is "these are not proprietary custom-designed systems, but are based on a common Earthly operating system and thus may have known vulnerabilities."
  
  --
  -Ted http://www.freemathhelp.com/
2. Re:Linux... by UnknowingFool · 2013-11-11 04:23 · Score: 5, Insightful
  
  I took that as either a lack of knowledge or bias. In the next few paragraphs they talk about Stuxner which was a Windows worm. Linux is by no means perfectly secure. Nothing is. I would take the track record of Linux over Windows any day.
  
  --
  Well, there's spam egg sausage and spam, that's not got much spam in it.
3. Re:Linux... by marcello_dl · 2013-11-11 04:24 · Score: 5, Interesting
  
  My question instead is "What linux system automounts usb drives without the noexec flag", or "how on hell did whatever program get executed by the onboard systems". Did the malware reside on some personal device and exploited some remote weakness on the systems which i guess give network access to get the much needed email and lolcat pic of the day?
  But I'm too lazy for TFA so I'll pass with a "meh".
  
  --
  ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
4. Re:Linux... by Skiron · 2013-11-11 04:29 · Score: 4, Insightful
  
  Yes, WTF is that all about? Sounds to me like a MS wedge of money went to the reporter to sneak that in [quote below]
  
  The reason is that the space station uses computer-controlled SCADA systems in order to manage various physical components of the satellite. As these systems are based on Linux, they are open to infection.
5. Re:Linux... by kesuki · 2013-11-11 04:30 · Score: 4, Insightful
  
  there are two problems with this http://en.wikipedia.org/wiki/Stuxnet according to wikipedia stuxnet was to be self deleting in 2012 but is mentioned in TFA, and stuxnet doesn't affect linux systems at all. also the space station only uses linux for their laptops. so TFA is very poorly written and with no fact checking. scada is not based on linux either it is windows based so tfa is way off base. http://en.wikipedia.org/wiki/SCADA
  
  --
  https://www.gnu.org/philosophy/free-sw.html
6. Re:Linux... by freezin+fat+guy · 2013-11-11 04:34 · Score: 5, Insightful
  
  If the author of the comments were as unbiased as you it might indeed mean that.
  However, he makes money telling Windows users they will be safe if they remember to pay him their fees. Not the same protection racket from the Linux crowd so I'm sure he's pleased to take any swipe he can.
7. Re:Linux... by thue · 2013-11-11 04:39 · Score: 5, Informative
  
  There is a whole class of vulnerabilities related to maliciously crafted filesystem structures. You necessarily don't need to execute or open any files, you just need to try to mount it.
  There is another class of vulnerabilities related to the preview feature of some Linux file managers. So you don't even need to open any non-executable files to be vulnerable either.
  And then there if of course standard buffer overflows when opening non-executable files.
8. Re:Linux... by sl4shd0rk · 2013-11-11 04:41 · Score: 4, Informative
  
  Strange, Stuxnet is a Windows program*.
  The worm consists of a layered attack against three different systems:
  The Windows operating system,
  Siemens PCS 7, WinCC and STEP7 industrial software applications that run on Windows and
  One or more Siemens S7 PLCs.
  Perhaps ISS is running Wine, or there was an error in translation? Not saying Linux is impenetrable, just pointing out the facts (at least as I know them).
  [*] - http://en.wikipedia.org/wiki/Stuxnet
  
  --
  Join the Slashcott! Feb 10 thru Feb 17!
9. Re:Linux... by echusarcana · 2013-11-11 05:08 · Score: 5, Informative
  
  This story is factually incorrect and refers to an incident a number of years ago. At the time of the infection, the system was running Windows XP.
  http://www.extremetech.com/extreme/155392-international-space-station-switches-from-windows-to-linux-for-improved-reliability
10. Re:Linux... by mcgrew · 2013-11-11 05:42 · Score: 5, Informative
  
  TFA was bad, I read it. I wish I'd read it before I voted in the firehose :(
  Sorry, guys. That one line "As these systems are based on Linux, they are open to infection" discredits the author and the rest of the article. Since Windows viruses like the Stuxnet virus they say infected the station, Linux has nothing to do with it.
  Wondering if it even happened I googled. space.com:
  
  A virus designed to swipe passwords from online gamers has inexplicably popped up in some laptop computers aboard the International Space Station.
  The low-risk virus was detected on July 25, but did not infect the space station?s command and control computers and poses no threat to the orbiting laboratory, NASA officials said.
  ?This is basically a nuisance,? NASA spokesperson Kelly Humphries told SPACE.com from the agency?s Johnson Space Center in Houston
  According to a NASA planning document obtained by SPACE.com, the virus was identified as W32.Gammima.AG. The California-based retail anti-virus software manufacturer Symantec describes it as a Windows-based worm which spreads by copying itself onto removable media.
  It has nothing to do with Linux, TFA is either a troll or an MS shill. The submitter should be ashamed of himself for submitting such a piss-poor article (and I'm ashamed I voted before reading). TFA linked in the summary is garbage. It didn't even get the damned virus right. There are far better accounts, including the one I linked above.
  
  --
  Free Martian Whores!
11. Re:Linux... by mcgrew · 2013-11-11 06:03 · Score: 5, Informative
  
  But I'm too lazy for TFA
  Don't bother, it's garbage. Linux has nothing to do with it, it isn't affecting C&C (NASA says it's simply a nuisance) and TFA got every single thing wrong. It's a worm, not a virus. They don't know how it got there, there are both Linux and Windows laptops up there and NASA says they have to check all the Windows (not Linux since it's a Windows worm) laptops for it.
  From now on I'm checking closer before voting stories up. Any story posted by DavidGilbert99 gets downvoted by me. David Gilbert, article author and submitter, is a troll. ibTimes should fire him, that article is pure unadulterated bullshit, see here.
  
  --
  Free Martian Whores!
12. Re:Linux... by roc97007 · 2013-11-11 06:14 · Score: 5, Informative
  
  If the author of the comments were as unbiased as you it might indeed mean that.
  However, he makes money telling Windows users they will be safe if they remember to pay him their fees. Not the same protection racket from the Linux crowd so I'm sure he's pleased to take any swipe he can.
  Very good point. And if the ISS was running Windows for Spaceships and got infected, it wouldn't even be news.
  
  --
  Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
In space.... by cold+fjord · 2013-11-11 04:12 · Score: 5, Funny

They say that in space nobody can hear you scream, but I'll bet they can hear you curse. #$%@#$%!!! MALWARE!!!!

--
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
Awesome! by mythosaz · 2013-11-11 04:21 · Score: 5, Funny

I can't be the first guy to read this today and go, "Seriously? We infected computers on the ISS? That's freakin' awesome."
1. Re:Awesome! by GodfatherofSoul · 2013-11-11 04:23 · Score: 5, Funny
  
  We?
  
  --
  I swear to God...I swear to God! That is NOT how you treat your human!
WTF? by Virtucon · 2013-11-11 04:23 · Score: 4, Interesting

I use Kapersky and while I like the product I don't necessarily like this comment:

The reason is that the space station uses computer-controlled SCADA systems in order to manage various physical components of the satellite. As these systems are based on Linux, they are open to infection.
So even on the ISS there's no concept of an air gap when it comes to SCADA systems? I realize there's monitoring and management required but there are tools and policies for dealing with that but shit, what is being eluded to is that the Russian Astronauts gerfinkerpoked around with a USB thumb drive and now we have an F*d up multi-billion dollar, multi-ton object in orbit possibly out of control? I think that's a disservice to Russian Astronauts (Cosmonauts) everywhere.
All systems can have vulnerabilities but if the systems onboard the ISS have been compromised by trojans, malware, viruses etc. I think the Linux community needs
to be made aware of the vulnerabilities so that these issues can be addressed and code fixed. Not that ol Kaspersky here needs to make a but right, but if they're not inherently part of Linux and are just stupid admin pet tricks, then that needs to be brought to public attention so that the ISS partners can address their IT problem. Playing coy and providing anecdotal commentary on "infections" and "bad things happened at a Nuclear plant" only mean that there are still vulnerabilities and bad practices that need to be addressed. I mean it's not like we wouldn't have that happen here in the US, say on a major Website, right?
On the other hand Microsoft should be smiling right now since it was announced that the ISS was going all Linux just this year. Maybe it was because the Astronauts couldn't find the Start Menu?

--
Harrison's Postulate - "For every action there is an equal and opposite criticism"
1. Re:WTF? by hannson · 2013-11-11 04:52 · Score: 3, Funny
  
  What do you mean? An African or European swallow?
The article says cosmonauts with USB stick... by clickety6 · 2013-11-11 04:36 · Score: 4, Funny

... I say Hiller and Levinson with an Apple Macintosh Powerbook 5300!

--
----------------------------------- My Other Sig Is Hilarious -----------------------------------
Re:A Victory for Mass Consumerism! by bobbied · 2013-11-11 04:37 · Score: 3, Funny

Sure they can *order* stuff, it's just the *delivery* charges are out of this world.

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Root access? by Whammy666 · 2013-11-11 04:40 · Score: 4, Insightful

So who's idea was it to to allow a foreign USB stick to get plugged into a ISS system with root access? This seems like a major security protocol problem rather than a weakness of Linux.

--
When all else fails, run.
Not the first infection by OzPeter · 2013-11-11 04:54 · Score: 4, Interesting

While I was digging around to try and find out what SCADA systems the ISS uses (which I never found), I did find this: international-space-station-switches-from-windows-to-linux-for-improved-reliability which has:

in 2008, a Russian cosmonaut brought a laptop aboard with the W32.Gammima.AG worm, which quickly spread to the other laptops on board. Switching to Linux will essentially immunize the ISS against future infections.

--
I am Slashdot. Are you Slashdot as well?
Anyone has the real facts? by dutchwhizzman · 2013-11-11 05:03 · Score: 4, Interesting

Since TFA is obviously a load of bollocks, it'd be nice if someone would get us actual facts. Does NASA have anything to mention about this yet?

--
I was promised a flying car. Where is my flying car?
Terrible Atricle, read with care by sjames · 2013-11-11 07:13 · Score: 4, Insightful

First it spends a paragraph or two indicating that some unknown computer on ISS got a virus. That would probably be one of the Windows laptops used by the crew for personal email, general browsing, etc and NOT a mission critical part of the station itself. Those have gotten viruses before and probably will again. The mission critical systems never have.
Then they went into the weeds spending a short segment talking about an unnamed system at an unnamed nuclear plant getting infected with stuxnet. For all we know it was the solitaire and minesweeper PC in the break room. From there they talk about government development of stuxnet and blah blah blah nothing to do with ISS, and so on.