Yottabytes: Storage and Disaster Recovery

Nov 24 2013   12:19PM GMT

Stop Poking USBs Into the ISS International Space Station!

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

Sigh. We tell you and tell you and tell you, but do you listen? “Don’t pick up strange USB sticks from the street and plug them into your computer”? How many times have we told you that?

Now you’ve gone and infected the International Space Station (ISS).

Eugene Kaspersky, the eponymous founder of the Kaspersky Lab security software company, let drop this little bombshell recently while speaking to the National Press Club in Australia. He said he was told this by “Russian space guys.”

“The space guys from time-to-time are coming with USBs, which are infected. I’m not kidding. I was talking to Russian space guys and they said, ‘yeah, from time-to-time there are viruses on the space station,'” Kaspersky reportedly said.

There’s two things to note about this story:

  1. While some publications pinned the blame on Russian astronauts specifically, it isn’t actually clear which astronauts did this, and whether they did it on purpose or on accident, as my daughter used to say. Kaspersky’s “Russian space guys” apparently didn’t reveal that detail. Either way, the ISS doesn’t control its USB ports and scan USBs before plugging them into multimillion-dollar things in orbit? Srsly? Didn’t they watch “Independence Day?”
  2. It isn’t clear exactly what sort of malware has infected the ISS. At various points in time, as least as far back as 2008, it has previously been infected with malware – intended to steal online game passwords. (This is what the astronauts do in their spare time? Play Spacecraft Simulator?) i09 reported receiving email from Kaspersky Lab claiming this incident is actually what he had been referring to, not some nefarious plan to crash the ISS into Manhattan or something.

Oh, and the laptops in question were reportedly running not just Windows, but Windows XP. Oy. Reportedly, the ISS switched to Linux in May, partly to avoid the malware problem. Incidentally, at least in the past, the laptops on the ISS didn’t have virus scanning software. Perhaps they do now? Please?

What is clear is that, despite some reports, the ISS has not been infected with Stuxnet, the virus intended to disable Iranian nuclear facilities. In the same speech, Kaspersky had mentioned that Russian nuclear facilities had been infected with Stuxnet, and non-technical reporters, hearing the words “Stuxnet” and “ISS” in the same speech, got excited and conflated the two.

Even if Stuxnet were found aboard the ISS, it would only be a problem if they were running uranium centrifuges up there, and if they are, we have bigger problems.

All together now:

  • Don’t stick strange USB sticks in your ports.
  • Control access to the USB drives.
  • Scan USB drives before inserting them.

We don’t want to have to tell you this again!

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: