Posted by Virus Bulletin on Aug 29, 2008
Autorun worm found on non-critical systems.
US space agency NASA has confirmed reports that laptops in use on the international space station have been found to have been infected with password-stealing malware.
The infected systems are said to be non-mission-critical and used by space station crew for email and recording data from 'nutritional experiments'. According to NASA spokespeople, all systems are isolated from the web and all data must pass through supposedly secure indirect links. However, as the malware in question appears to be a worm which spreads via USB sticks, it seems likely that the infection was introduced in this manner, and that the systems had not had autorun disabled, a fairly basic security step. It is not clear whether the more vital computer systems on the station use the same tight isolation methods.
The infection was discovered during a 'routine scan' with Symantec's Norton product, and was apparently not the first such incident, hinting that resident scanning was not in use. Other systems are now having Norton installed on them.