June 21, 2019 at
Cybersecurity breaches continue to pose a major threat to the privacy and security of individuals and companies around the world. The number of hacking attacks appears to be constantly growing, and many have started to wonder if there is any way to achieve total security.
For now, it appears that no one is truly safe
from hackers, as confirmed by a new report published by NASA. In it, the
National Aeronautics and Space Administration confirmed that its JPL (Jet
Propulsion Laboratory) suffered a security breach. The agency published an
audit document made by the US Office of Inspector General, which reveals that
JPL servers got invaded by an unauthorized Raspberry Pi computer.
The servers were targeted by hackers who managed to find their way in, and as soon as they did — they continued to delve deeper into NASA’s network. It is currently unknown what levels they managed to reach, or what data they may have stolen during the breach. However, it was said that the hackers apparently managed to reach the DNS (Deep Space Network) array of radio telescopes. It is also likely that they did not stop there, and that additional JPL systems got compromised as well.
The breach allegedly occurred at some point in
April 2018, and it was deemed so serious and massive that the Johnson Space
Center made a decision to disconnect from the gateway. Johnson did it to
protect its own systems, which are responsible for multiple programs, such as
the International Space Station.
With Johnson officials worrying that the
breach might move on to compromise their network and systems as well, the
decision is not really surprising. If the hackers did manage to gain access to
their network as well, they might have initiate malicious signals that would
interfere with human space flight missions. This was clearly a risk that
Johnson Space Center was unwilling to take.
The situation is grave, and despite the fact
that some limited spacecraft data was successfully restored earlier this year,
in March — Johnson never restored its use of all communications data. The
Center appears to still be concerned regarding the reliability of the data and
the security of the JPL network.
Johnson cannot really be blamed for that, as the audit identified numerous technical and security mistakes. Considering the importance and responsibility of the institution, these flaws reflect very poorly on its reliability and security of JPL network. The audit identified security violation ticket resolution shortcomings, poor IT asset visibility, as well as untimely delays in patching known flaws and vulnerabilities, and all of these are only the most critical issues.
It is as if JPL completely ignored everything
in regards to even the most basic security. Not only that, but the system
administrators were found to lack security certifications. Further, there was
no role-based security training, nor the round-the-clock incident reporting
capability. Of course, this is not the case when it comes to NASA’s main
security operations center (SOC), which seems to be fully caught up on security
details and training of those in charge of it.
The aftermath of the hack
All of this is deeply concerning, especially due to the fact that NASA is among the top of high-profile targets, as stated by the information security analyst, Mike Thompson. He clarified by stating that most people immediately associate NASA with space and space-related activities. However, this is only a portion of the research and activities that NASA is truly involved in.
The agency research and development includes all the cutting edge tech, science, as well as countless patents that cover it all. However, while the hack is more than a year old at this point, it is likely that the hackers might still be present within the network, as stated by an ethical hacker, John Opdenakker.
He stated that there is still no confirmation
that the network has been patched and secured, and that it is still possible
that hackers are operating within it. After all, hacking such a system is far
from being an easy achievement, and any hacker who managed to do it would
likely ensure that they can do it again, or at least that they would continue
to gather information through some other method.
Even the report itself confirmes that critical vulnerabilities remain, and the cyber intrusions are still very much possible. The report also warns that they could result in theft of critical information. Obviously, this brings a major challenge in terms of cybersecurity, and one that NASA itself will have to face. Not only for the difficulties of finally making the network safe, but also because the agency cannot eliminate threats while collaborating with other scientists and researchers from adversarial countries.
For example, Russian hackers are known for their exploits throughout the world. However, NASA cannot just completely block off Russia when it is partnered with its own agencies and scientists. This inability to protect itself without consequences puts NASA’s status as a global leader in aeronautics research and space exploration at serious risk, as the report itself states.