Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

NASA Identified Over 6,000 Cyber Incidents in Past 4 Years

The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA’s Office of Inspector General.

The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA’s Office of Inspector General.

NASA has institutional systems, which are used for the day-to-day work of employees — these include data centers, web services, computers and networks. It also has mission systems, which support its aeronautics, space exploration and science programs — these include systems used for controlling spacecraft and processing scientific data.

The agency has more than 4,400 applications, over 15,000 mobile devices, roughly 13,000 software licenses, nearly 50,000 computers, and a whopping 39,000 Tb of data.

The audit conducted by NASA’s inspector general has revealed that while attacks on the agency’s networks are not uncommon, “attempts to steal critical information are increasing in both complexity and severity,” and the agency’s ability to detect, prevent and mitigate attacks is limited.

The cyber incidents observed over the past years — more than 1,700 were identified in 2020 — included brute-force attacks, email-related incidents, impersonation attacks, improper usage issues, loss or theft of equipment, web-based attacks, and incidents involving external or removable media.

Last year, a majority of incidents were related to improper usage, which includes installing unapproved software or accessing inappropriate materials. These types of incidents increased from 249 in 2017 to 1,103 in 2020. On the other hand, NASA also believes that the higher number of detected incidents is also a result of improved network visibility.

NASA breaches and other cyber incidents

The report has highlighted several incidents, including a 2018 hack of NASA’s Jet Propulsion Laboratory, which resulted in hackers accessing servers and even its Deep Space Network telescopes. In the same year, someone stole roughly 500 Mb of data from a major mission system after the account of an external user was compromised.

In 2019, NASA discovered that a contract employee used its systems to mine cryptocurrency, and in the same year two Chinese nationals were indicted for allegedly hacking NASA systems and stealing data.

Advertisement. Scroll to continue reading.

Related: NASA Sees Increase in Cyberattacks During Coronavirus Outbreak

Related: NASA Notifies Employees of Data Breach

Related: NASA’s Cybersecurity Program Gets Failing Grade

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights