JulianAssange may have needed a mole inside the Army to get sensitivegovernmentdocuments for WikiLeaks, but thanks to the lax IT procedures at NASA,it lookslike he may have only needed an eBay account.
Dueto weak security measures and an agency culture that struggles withproperlyhandling property transfer, NASAsold hard drivesto the general public that contained information that could helphackerspenetrate the space agency's computers, according to a new report fromtheNASA's Office of Inspector General (OIG).
Thecomputers were left over from theshuttle program, which NASA sold off publicly after they hadbeen properlysanitized of any sensitive information. However, it seems that acombination ofpoorly designed procedures and individual failures led NASA personnelto skipthat sanitation step. Overall, 10 entires PCs that might have containedIPinformation and other sensitive data are known to have ended up sold toprivatecitizens.
"Duringour audit, we discovered significant weaknesses in the sanitization anddisposalprocesses for IT equipment at four NASA Centers ? Kennedy and JohnsonSpaceCenters and Ames and Langley Research Centers," the report reads.
Thisis not the first time that NASA has come under fire for poor information technology andequipment management. Accordingto theGovernment Accountability Office (GAO), NASA misplaced $94million inequipment between 1997 and 2007, and failed to meet their goals ofstoppingsuch losses in six of those ten years.
A2007 GAO report portrayed a NASA culture where property mismanagementand lossrarely results in punishment. In one instance, a NASA employee escapedpunishmentdespite providing an explanation for losing a laptop consisting of theexcuse"this computer, although assigned to me, was being used on board theInternational Space Station. I was informed that it wastossed overboard tobe burned up in the atmosphere when it failed," the 2007 GAO reportsaid.