Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

NASA Identified Over 6,000 Cyber Incidents in Past 4 Years

The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA’s Office of Inspector General.

The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA’s Office of Inspector General.

NASA has institutional systems, which are used for the day-to-day work of employees — these include data centers, web services, computers and networks. It also has mission systems, which support its aeronautics, space exploration and science programs — these include systems used for controlling spacecraft and processing scientific data.

The agency has more than 4,400 applications, over 15,000 mobile devices, roughly 13,000 software licenses, nearly 50,000 computers, and a whopping 39,000 Tb of data.

The audit conducted by NASA’s inspector general has revealed that while attacks on the agency’s networks are not uncommon, “attempts to steal critical information are increasing in both complexity and severity,” and the agency’s ability to detect, prevent and mitigate attacks is limited.

The cyber incidents observed over the past years — more than 1,700 were identified in 2020 — included brute-force attacks, email-related incidents, impersonation attacks, improper usage issues, loss or theft of equipment, web-based attacks, and incidents involving external or removable media.

Last year, a majority of incidents were related to improper usage, which includes installing unapproved software or accessing inappropriate materials. These types of incidents increased from 249 in 2017 to 1,103 in 2020. On the other hand, NASA also believes that the higher number of detected incidents is also a result of improved network visibility.

NASA breaches and other cyber incidents

The report has highlighted several incidents, including a 2018 hack of NASA’s Jet Propulsion Laboratory, which resulted in hackers accessing servers and even its Deep Space Network telescopes. In the same year, someone stole roughly 500 Mb of data from a major mission system after the account of an external user was compromised.

Advertisement. Scroll to continue reading.

In 2019, NASA discovered that a contract employee used its systems to mine cryptocurrency, and in the same year two Chinese nationals were indicted for allegedly hacking NASA systems and stealing data.

Related: NASA Sees Increase in Cyberattacks During Coronavirus Outbreak

Related: NASA Notifies Employees of Data Breach

Related: NASA’s Cybersecurity Program Gets Failing Grade

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Staying the course and sticking to strategic goals allows security professionals to steadily and continually improve the security posture of their organization without allowing distractions to divert precious resources away from more important tasks.

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.