Posted on June 21, 2019 at 1:07 PM
Cybersecurity breaches continue to pose a major threat to the privacy and security of individuals and companies around the world. The number of hacking attacks appears to be constantly growing, and many have started to wonder if there is any way to achieve total security.
For now, it appears that no one is truly safe from hackers, as confirmed by a new report published by NASA. In it, the National Aeronautics and Space Administration confirmed that its JPL (Jet Propulsion Laboratory) suffered a security breach. The agency published an audit document made by the US Office of Inspector General, which reveals that JPL servers got invaded by an unauthorized Raspberry Pi computer.
The servers were targeted by hackers who managed to find their way in, and as soon as they did — they continued to delve deeper into NASA’s network. It is currently unknown what levels they managed to reach, or what data they may have stolen during the breach. However, it was said that the hackers apparently managed to reach the DNS (Deep Space Network) array of radio telescopes. It is also likely that they did not stop there, and that additional JPL systems got compromised as well.
The breach allegedly occurred at some point in April 2018, and it was deemed so serious and massive that the Johnson Space Center made a decision to disconnect from the gateway. Johnson did it to protect its own systems, which are responsible for multiple programs, such as the International Space Station.
With Johnson officials worrying that the breach might move on to compromise their network and systems as well, the decision is not really surprising. If the hackers did manage to gain access to their network as well, they might have initiate malicious signals that would interfere with human space flight missions. This was clearly a risk that Johnson Space Center was unwilling to take.
The situation is grave, and despite the fact that some limited spacecraft data was successfully restored earlier this year, in March — Johnson never restored its use of all communications data. The Center appears to still be concerned regarding the reliability of the data and the security of the JPL network.
Johnson cannot really be blamed for that, as the audit identified numerous technical and security mistakes. Considering the importance and responsibility of the institution, these flaws reflect very poorly on its reliability and security of JPL network. The audit identified security violation ticket resolution shortcomings, poor IT asset visibility, as well as untimely delays in patching known flaws and vulnerabilities, and all of these are only the most critical issues.
It is as if JPL completely ignored everything in regards to even the most basic security. Not only that, but the system administrators were found to lack security certifications. Further, there was no role-based security training, nor the round-the-clock incident reporting capability. Of course, this is not the case when it comes to NASA’s main security operations center (SOC), which seems to be fully caught up on security details and training of those in charge of it.
The aftermath of the hack
All of this is deeply concerning, especially due to the fact that NASA is among the top of high-profile targets, as stated by the information security analyst, Mike Thompson. He clarified by stating that most people immediately associate NASA with space and space-related activities. However, this is only a portion of the research and activities that NASA is truly involved in.
The agency research and development includes all the cutting edge tech, science, as well as countless patents that cover it all. However, while the hack is more than a year old at this point, it is likely that the hackers might still be present within the network, as stated by an ethical hacker, John Opdenakker.
He stated that there is still no confirmation that the network has been patched and secured, and that it is still possible that hackers are operating within it. After all, hacking such a system is far from being an easy achievement, and any hacker who managed to do it would likely ensure that they can do it again, or at least that they would continue to gather information through some other method.
Even the report itself confirmes that critical vulnerabilities remain, and the cyber intrusions are still very much possible. The report also warns that they could result in theft of critical information. Obviously, this brings a major challenge in terms of cybersecurity, and one that NASA itself will have to face. Not only for the difficulties of finally making the network safe, but also because the agency cannot eliminate threats while collaborating with other scientists and researchers from adversarial countries.
For example, Russian hackers are known for their exploits throughout the world. However, NASA cannot just completely block off Russia when it is partnered with its own agencies and scientists. This inability to protect itself without consequences puts NASA’s status as a global leader in aeronautics research and space exploration at serious risk, as the report itself states.