NASA’s Network Systems

According to a report published by NASA’s Office of Inspector General, the U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, including phishing scams and the introduction of malware into Agency systems.

NASA’s information technology (IT) assets generally fall into two broad categories: institutional and mission systems. Three primary levels of management oversee these assets and are responsible for cybersecurity management.

OCIO personnel oversee the institutional and security capabilities that support the entire NASA workforce. Missions typically fund their networks and their IT personnel have visibility over the operational and security aspects of these networks.

Finally, IT personnel at NASA Centers manage and oversee operations for programs and projects located there, which includes both institutional and mission networks.

Attacks on NASA’s Vast Networks

The audit conducted by NASA’s inspector general has revealed that attacks on NASA networks that attempt to steal critical information are increasing in both complexity and severity.

Although NASA has taken positive steps to address cybersecurity in the areas of network monitoring, identity management, and updating its IT Strategic Plan, it continues to face challenges in strengthening foundational cybersecurity efforts.

Enterprise Architecture has been in development at NASA for more than a decade yet remains incomplete, while the way the Agency manages IT investments and operations remains varied and ad hoc.

Unfortunately, a fragmented approach to IT, with numerous separate lines of authority, has long been a defining feature of the environment in which cybersecurity decisions are made at the Agency. The result is an overall cybersecurity posture that exposes NASA to a higher-than-necessary risk from cyber threats.

It is noted that NASA conducts its assessment and authorization (A&A) of IT systems inconsistently and ineffectively, with the quality and cost of the assessments varying widely across the Agency.

The cyber incidents observed over the past years, more than 1,700 of which were identified in 2020, included brute-force attacks, email-related incidents, impersonation attacks, improper usage issues, loss or theft of equipment, web-based attacks, and incidents involving external or removable media.

In the previous year, a majority of incidents were related to improper usage, which includes installing unapproved software or accessing inappropriate materials. These types of incidents increased from 249 in 2017 to 1,103 in 2020.

On the other hand, NASA believes that the higher number of detected incidents is also a result of improved network visibility.

Types of Cyber-Attacks at NASA

The report has highlighted incidents, including a 2018 hack of NASA’s Jet Propulsion Laboratory, which resulted in hackers accessing servers and even its Deep Space Network telescopes. In the same year, someone stole roughly 500 Mb of data from a major mission system after the account of an external user was compromised.

In 2019, NASA discovered that a contract employee used its systems to mine cryptocurrency, and in the same year two Chinese nationals were indicted for allegedly hacking NASA systems and stealing data.

Final Word

According to the report, adopting an integrated EA/ESA (Enterprise Architecture/Enterprise Security Architecture) and developing an effective enterprise-level assessment and authorization process would not only dramatically improve situational awareness but would also enable NASA’s decision-makers to effect positive change on the Agency’s cybersecurity posture.

Officials would be better positioned to determine risk, anticipate disruptions, and determine where investment in additional resources or other changes are needed. NASA must act decisively to deploy and adjust its IT security strategies to keep up with evolving cyber threats.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.