www.herald-journal.com
Computer virus makes its way into earth orbit

September 8, 2008

by Mark Ollig

Talk about “boldly going where no virus has gone before.”

Orbiting 200 miles above the Earth, the International Space Station (ISS), discovered an unwanted “passenger” had snuck aboard via computer.

The passenger on board the space station turned out to be a real worm.

The “W32.Gammima.AG computer worm virus” to be precise.

It took the astronauts a few days to track it down, but they have finally found what is essentially called a “gaming worm virus” which is used to track personal information.

This virus is a low risk or “level 1” type according to the good folks at Symantec, which makes the Norton AntiVirus software many computer users (including your humble columnist) has installed.

Symantec says once a computer is infected with this worm, it will copy itself onto several files on the host computer, modify the operating system’s registry and then steal the computer user’s data from a number of installed online games.

The thing to remember about a computer worm is that it implants itself into a computer’s software, executes its task and then transmits user-sensitive data via the Internet to the originating online attacker.

It is not meant to do harm to the host computer, it is intended to hide in the background, waiting to carry out its sneaky undertaking.

The virus is using some stealthy technology that James Bond himself would appreciate.

The ISS virus was first detected on July 25, but did not infect the space station’s command and control computers and poses no threat to the orbiting laboratory, NASA officials said.

“This is basically a nuisance,” NASA spokesperson Kelly Humphries told SPACE.com from the agency’s Johnson Space Center in Houston.

Humphries said that while NASA security protocols prohibit discussing details of the virus and efforts to combat it, a search is underway to find out how it got on board the space station more than 200 miles above Earth.

“We’ll do our best to track down how it got there and close that gateway,” Humphries said. “This is not a frequent occurrence, but we have had viruses that have made their way on board before.”

I found it interesting when NASA confirmed this was “not the first time” a computer virus was discovered.

Humphries said, “We continually refine and update our procedures and do our best to protect the systems on the station,” Humphries said.

I was tempted to send her the Bits & Bytes column’s link for future reference, but decided to hold off on that impulse until I calmed down.

How on – I guess I mean “off” Earth did this virus get into space and on the ISS computers and why were those computers, not protected?

Is it possible that one of the astronauts may have been playing online games over the Internet and the virus was up-linked to the Space Station?

According to the official “International Space Station Daily Report” transcript released by NASA at a space operations meeting last week, they very briefly outlined the situation and offered some explanations as to how the virus infection may have happened.

NASA states the virus was never a threat to any of the computers used for command and control and had no adverse effect on ISS operations.

In regards to how the virus got onboard the ISS, NASA says the latest theory is the virus either was in initial software load or possibly transferred from personal compact flash cards used in the laptops.

In the transcript, NASA says new flash memory cards due to launch to the station aboard a Russian cargo ship next month have been screened for the virus.

Seventy-one laptop computers currently aboard the space station use the Microsoft Windows operating system, which is vulnerable to viruses.

Amazingly, NASA said that most of the IP (Internet) laptops and some of the payload laptops do not provide virus protection/detection software.

This NASA report (ISS 30P SORR), can be seen from the NASA web site using this shortened link: http://tinyurl.com/5keu8y.

In the report, it states how “CDR [Commander] Volkov began his day by down-linking (loading) the Norton AntiVirus (NAV) data . . .”

Yes, folks, you will need to run your AntiVirus software and keep it updated – especially if your computer is 200 miles above the Earth.

NASA says the ISS systems are completely protected from the virus bug, but the laptops do connect through ISS’s KU band data-link.

“Everything is scanned before it goes up, so it’s an indirect connection,” Humphries explained.

When she was questioned about the links between these laptops and the mission’s critical systems, Humphries responded in what seemed to me to be a vague answer: “I don’t know, and even if I did, I wouldn’t be able to tell you, for IT [Information Technology] security reasons,” she simply said.

When you’re online, check out this week’s Web Site of Week, where your humble bits_blogger will try to once again find that special web site out there in cyberspace of interest to you.