Connect with us

Hi, what are you looking for?



NASA Identified Over 6,000 Cyber Incidents in Past 4 Years

The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA’s Office of Inspector General.

The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA’s Office of Inspector General.

NASA has institutional systems, which are used for the day-to-day work of employees — these include data centers, web services, computers and networks. It also has mission systems, which support its aeronautics, space exploration and science programs — these include systems used for controlling spacecraft and processing scientific data.

The agency has more than 4,400 applications, over 15,000 mobile devices, roughly 13,000 software licenses, nearly 50,000 computers, and a whopping 39,000 Tb of data.

The audit conducted by NASA’s inspector general has revealed that while attacks on the agency’s networks are not uncommon, “attempts to steal critical information are increasing in both complexity and severity,” and the agency’s ability to detect, prevent and mitigate attacks is limited.

The cyber incidents observed over the past years — more than 1,700 were identified in 2020 — included brute-force attacks, email-related incidents, impersonation attacks, improper usage issues, loss or theft of equipment, web-based attacks, and incidents involving external or removable media.

Last year, a majority of incidents were related to improper usage, which includes installing unapproved software or accessing inappropriate materials. These types of incidents increased from 249 in 2017 to 1,103 in 2020. On the other hand, NASA also believes that the higher number of detected incidents is also a result of improved network visibility.

NASA breaches and other cyber incidents

The report has highlighted several incidents, including a 2018 hack of NASA’s Jet Propulsion Laboratory, which resulted in hackers accessing servers and even its Deep Space Network telescopes. In the same year, someone stole roughly 500 Mb of data from a major mission system after the account of an external user was compromised.

Advertisement. Scroll to continue reading.

In 2019, NASA discovered that a contract employee used its systems to mine cryptocurrency, and in the same year two Chinese nationals were indicted for allegedly hacking NASA systems and stealing data.

Related: NASA Sees Increase in Cyberattacks During Coronavirus Outbreak

Related: NASA Notifies Employees of Data Breach

Related: NASA’s Cybersecurity Program Gets Failing Grade

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...