The National Aeronautics and Space Administration (NASA) of the United States recently confirmed that it has been hacked in April 2018. According to an audit document from the U.S. Office of the Inspector General published by NASA, the hackers allegedly connected to its Jet Propulsion Laboratory (JPL) servers and moved laterally further into the NASA network, Forbes reported.
NASA stated the hackers have used a basic, build-it-yourself computer to attack two of the Jet Propulsion Laboratory’s main networks and steal around 500 megabytes of data from 23 files. The information in the files included International Traffic in Arms Regulations information related to the Mars Science Laboratory mission, which includes the Curiosity rover, along with other valuable information.
After NASA revealing the security incident, the Johnson Space Center in Houston disconnected its system from JPL’s exploited gateway because of fears of hacking. The audit report stated that, “Johnson officials were concerned the cyber attackers could move laterally from the gateway into their mission systems, potentially gaining access and initiating malicious signals to human space flight missions that use those systems. Johnson had not restored its use of all communications data because of continuing concerns about its reliability.”
Last year, NASA reported a major cyber-attack. In a statement sent to its employees, NASA stated that an unknown intruder illegally gained access to one of its servers that stores current and former employees’ Personally Identifiable Information (PII), including the social security numbers.
NASA stated the hack occurred on October 23, 2018, and it didn’t have the information on the exact number of employees who were affected. However, NASA said its Civil Service employees who were on-boarded or transferred to other centers from July 2006, to October 2018, may have been affected.
“NASA cybersecurity personnel began investigating a possible compromise of NASA servers where personally identifiable information (PII) was stored. After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised,” NASA said in a statement.
NASA confirmed that its cybersecurity officials took immediate actions to secure the data servers and it’s working with federal cybersecurity partners to determine the potential data exfiltration and identify the affected employees. The agency is notifying all the employees and suggesting precautionary measures to counter against the possible fraud.
