Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

NASA Investigating Possible SSL Compromise

NASA spokesperson has told SecurityWeek that they’re investigating claims made by a group of Iranian hackers earlier this week. The claim is that a SSL certificate issued to NASA’s Research and Education Support Services (NRESS) group has been compromised, and used in a Man-in-the-Middle attack.

NASA spokesperson has told SecurityWeek that they’re investigating claims made by a group of Iranian hackers earlier this week. The claim is that a SSL certificate issued to NASA’s Research and Education Support Services (NRESS) group has been compromised, and used in a Man-in-the-Middle attack.

On Wednesday, an Iranian student group comprised of programmers and hackers, known as the Cyber Warriors Team, claimed to have compromised the SSL cert used on the NASA Solicitation and Proposal Integrated Review and Evaluation System (NSPIRES) website.

NASA

The group said the certificate was compromised by exploiting an existing vulnerability within the portal’s login system, but they didn’t outline the entire attack. Once they had control over the certificate, they claim to have used it to “obtain User information for thousands of NASA researcher With Emails and Accounts of other users [sic].”

If the claims are true, this wouldn’t be the first time the space agency has had security issues. In March, NASA Inspector General Paul K. Martin told the House’s Committee on Science, Space, and Technology’s Subcommittee on Investigations and Oversight, that the agency faces serious challenges when it comes to protecting its information and systems from cyber attacks.

Martin said that NASA was the victim of 47 APT attacks, 13 of which compromised agency systems during FY 2011. In one incident, attackers captured user credentials for more than 150 NASA employees that could have been used to gain unauthorized access to NASA systems.

“The attackers had full functional control over these networks,” Martin said. 

According to NASA, NSPIRES is the portal responsible for supporting the entire lifecycle of their research solicitation and selection, from announcements to peer review and decision.

When questioned about the claims made by CWT, the NASA spokesperson simply stated that the, “security office is investigating the claim… that’s really all we can say about it right now.”

Advertisement. Scroll to continue reading.
Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Software giant Atlassian has named David Cross as its new CISO.

Dan Pagel has been named the new CEO of risk management and remediation firm Brinqa.

The City of Phoenix has promoted Mitch Kohlbecker to the role of Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.