The breach, originating from Chinese-based IP addresses, allowed the intruders to compromise the accounts “of the most privileged JPL users,” giving them “full access to key JPL systems,” according to Inspector General Paul K. Martin in a report to Congress (.pdf).
The investigation of the breach is ongoing, but Martin says the intruders had the ability to modify sensitive files; modify or delete user accounts for mission-critical JPL systems; and alter system logs to conceal their actions.
“In other words, the attackers had full functional control over these networks,” Martin writes.
But this wasn’t the only breach NASA experienced. In 2010 and 2011, the agency had 5,408 computer security incidents that resulted in the installation of malicious software and the theft of export-controlled and otherwise sensitive data, with an estimated cost to NASA of more than $7 million. Some of the breaches “may have been sponsored by foreign intelligence services seeking to further their countries’ objectives,” Martin writes.