On 18th December, an internal HR memo was sent out to all NASA employees by Bob Gibbs, assistant administrator for the office of human capital management, alerting them of a possible compromise to their servers in late October. The memo was shared by SpaceRef and it states that servers stored personally identifiable information about NASA employees, including their social security numbers.
What is surprising is that NASA learned of the incident in October 2018 but chose to remain silent till the memo was rolled out. Bill says in the memo that the space agency took immediate steps to contain the breach and that the investigation is still ongoing.
The scope of the breach is unclear. The memo states that NASA is ‘examining the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals’. This message is sent to all NASA employees, regardless of whether or not their information may have been compromised. NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between centers, from July 2006 to October 2018, may also have been affected.
NASA’s Office of Inspector General (OIG) has continually criticized the space agencies cybersecurity practices, reporting shortfalls in NASA’s overall information technology (IT) management. The office stated in its latest semi-annual report, dated Oct. 31: “Through its audits, the OIG has identified systemic and recurring weaknesses in NASA’s IT security program that adversely affect the Agency’s ability to protect the information and information systems vital to its mission.”
In May, the OIG published The audit of NASA’s Security Operations Center (SOC) and found several issues with the center, right from high management turnover to a lack of formal authority to manage information security issues for some parts of the agency.
An October 2017 report stated that “Lingering confusion about security roles coupled with poor IT inventory practices continues to negatively impact NASA’s security posture.”
According to Hacker News, this is not the first time when the agency’s servers have been hacked into. NASA suffered a massive security breach in 2016 where 276GB of sensitive data was released. This data included flight logs and credentials of thousands of its employees.
All these facts draw attention to the poor security practices followed at NASA. It will be interesting to see how NASA will deal with this security breach and what measures it will take to secure its systems to prevent future cyber attacks.
Head over to SpaceNews.com to know more about this news.
Justice Department’s indictment report claims Chinese hackers breached business and government network
Former Senior VP’s take on the Mariott data breach; NYT reports suspects Chinese hacking ties
Equifax data breach could have been “entirely preventable”, says House oversight and government reform committee staff report