Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

NASA Investigating Possible SSL Compromise

NASA spokesperson has told SecurityWeek that they’re investigating claims made by a group of Iranian hackers earlier this week. The claim is that a SSL certificate issued to NASA’s Research and Education Support Services (NRESS) group has been compromised, and used in a Man-in-the-Middle attack.

NASA spokesperson has told SecurityWeek that they’re investigating claims made by a group of Iranian hackers earlier this week. The claim is that a SSL certificate issued to NASA’s Research and Education Support Services (NRESS) group has been compromised, and used in a Man-in-the-Middle attack.

On Wednesday, an Iranian student group comprised of programmers and hackers, known as the Cyber Warriors Team, claimed to have compromised the SSL cert used on the NASA Solicitation and Proposal Integrated Review and Evaluation System (NSPIRES) website.

NASA

The group said the certificate was compromised by exploiting an existing vulnerability within the portal’s login system, but they didn’t outline the entire attack. Once they had control over the certificate, they claim to have used it to “obtain User information for thousands of NASA researcher With Emails and Accounts of other users [sic].”

If the claims are true, this wouldn’t be the first time the space agency has had security issues. In March, NASA Inspector General Paul K. Martin told the House’s Committee on Science, Space, and Technology’s Subcommittee on Investigations and Oversight, that the agency faces serious challenges when it comes to protecting its information and systems from cyber attacks.

Martin said that NASA was the victim of 47 APT attacks, 13 of which compromised agency systems during FY 2011. In one incident, attackers captured user credentials for more than 150 NASA employees that could have been used to gain unauthorized access to NASA systems.

“The attackers had full functional control over these networks,” Martin said. 

According to NASA, NSPIRES is the portal responsible for supporting the entire lifecycle of their research solicitation and selection, from announcements to peer review and decision.

When questioned about the claims made by CWT, the NASA spokesperson simply stated that the, “security office is investigating the claim… that’s really all we can say about it right now.”

Advertisement. Scroll to continue reading.
Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.