The bottom line for NASA as well as any number of government agencies in this new era of sequestration is money – and NASA in this case has too many programs chasing too few dollars.
That is just one of a number of bleak conclusions NASA’s Inspector General Paul Martin laid out to a Congressional hearing today adding that “declining budgets and fiscal uncertainties present the most significant external challenges to NASA’s ability to successfully move forward on its many projects and programs. For the first 6 months of this year, NASA has operated under a continuing resolution that funds the Agency at last year’s level of $17.8 billion. Moreover, NASA’s share of the Government-wide sequestration cuts reduce that spending authority by $894 million.”
Martin noted that in 2012 “the need to reprogram funds from several Agency initiatives to accommodate cost overruns in the James Webb Space Telescope and other projects. This shift contributed to developmental delays in several ongoing projects and cancellation of others, including a joint project with the European Space Agency for planned missions to Mars in 2016 and 2018.”
“Because NASA received less than half its requested budget for commercial crew development last year, the Agency extended to 2017 the earliest it expects to obtain commercial crew transportation services to the ISS – a date uncomfortably close to the Station’s currently scheduled 2020 retirement. At the same time, NASA is moving forward with development of a new rocket, capsule, and related launch infrastructure to enable crewed missions to an asteroid, the Moon, or Mars – expensive and technically complex undertakings in an increasingly austere budget environment,” Martin said.
While space projects get a lot of positive attention, NASA’s IT security state has garnered a darker quality.
From Martin: “NASA remains a target of cyber intruders both because of the large size of its networks and because of the technical and scientific information it maintains. Over the years, NASA has increasingly become a target of a sophisticated form of cyber attack known as advanced persistent threats or APTs. The individuals or nations behind these APTs are typically well organized and well funded.
For example, our investigation of a series of APT attacks at the Jet Propulsion Laboratory (JPL) involving Chinese-based Internet protocol addresses between November 2011 and February 2012 confirmed that cyber attackers were successful in achieving control over much of JPL’s network for several weeks and used this access to steal or attempt to steal NASA-funded data. While data theft appears to be the primary motive, the level of access gained by the intruders positioned them to have caused significant operational disruption had that been their goal.”
Martin noted the his office has consistently identified what he called “systemic and recurring weaknesses in NASA’s IT security program that adversely affect the Agency’s ability to protect the information and information systems vital to its mission. In particular, the CIO’s inability to ensure that NASA’s mission computer networks implement key IT security controls continues to put these critical IT assets at risk of compromise. To illustrate, the Agency has not yet implemented two recommendations from a May 2010 OIG audit report to monitor its mission networks for the presence of critical software patches and technical vulnerabilities.”
He added that NASA’s portfolio of information technology assets includes more than 550 information systems that control spacecraft, collect and process scientific data, and enable NASA personnel to collaborate with colleagues around the world. Hundreds of thousands of NASA personnel, contractors, academics, and members of the public use these IT systems daily and NASA depends on them to carry out its essential operations. Overall, NASA spends more than $1.5 billion annually on its IT-related activities, $58 million of that for IT security.
It is also worth noting that current NASA CIO Linda Cureton is leaving the agency April 1 and a new executive will probably come in just in time for Martin’s latest report on NASA’s IT governance structure which he said his office was completing.
Please read the comments and the original article written by Michael Cooney at the NETWORKWORLD website.
