Space and Cyber Security

Blerim Abedini- The Center for Security Studies and Development- Macedonia(CSSD)

NASA as the center has achieved a great success in comparison with other centers of space exploration. NASA is a regular target of cyber-attacks because of the large size of its networks and because those networks contain information wanted by criminals.  The individuals or nations behind these attacks are typically well organized and well-funded. The NWH-‘Anonymous’ is the group who claimed responsibility for shutting down Xbox online service, BBC news servers, HSBC UK’s online banking, the official website for Donald Trump’s election campaign.

Center for Space Studies is a synonym for a meaningful future. XXI century of technological achievements has started researching the planets in Cosmos which can provide favorable living conditions. NASA as the center has achieved a great success in comparison with other centers of space exploration. It today also faces political and economic enemies because of vital information that keeps in its archives.

Agency provides key data on volcanoes, algae growth (the concentration of phytoplankton in the ocean) and weather. NASA satellites could observe deformations of the Earth on a day-to-day, week-to-week basis that could identify a seismic or volcanic event. Nasa’s Martian explorer- The Maven spacecraft mission is to study Mars’ upper atmosphere.

AT&T is currently working with NASA to develop an Unmanned Aircraft System Traffic Management program that will enable agencies across the country to monitor drone activity as well as using them for surveillance. The company says that its main goal is to protect against cyber-attacks on drones.

NASA is a regular target of cyber-attacks because of the large size of its networks and because those networks contain information wanted by criminals for data or compromise NASA networks to further other criminal activities. NASA spends more than $1.5 billion annually on its IT-related activities, including approximately $58 million for IT security.

Between April 2009 and April 2011, NASA reported the loss or theft of 48 Agency mobile computing devices, some of which resulted in the unauthorized release of sensitive data, Personally Identifiable Information (PII), and third-party intellectual property. For example, the March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station. The individuals or nations behind these attacks are typically well organized and well-funded. In 2011, NASA reported it was the victim of 47 APT attacks, 13 of which successfully compromised Agency’s computers. In one of the successful attacks, intruders stole user credentials for more than 150 NASA employees’ credentials that could have been used to gain unauthorized access to NASA systems. With full system access the intruders could: (1) modify, copy, or delete sensitive files; (2) add, modify, or delete user accounts for mission-critical JPL systems; (3) upload hacking tools to steal user credentials and compromise other NASA systems; and (4) modify system logs to conceal their actions. In other words, the attackers had full functional control over these networks. Investigations indicate that the sophistication of cyber attacks against NASA is increasing.

  • For example, in November 2011 the Federal Bureau of Investigation and NASA OIG has worked with partners throughout the world to dismantle a cybercriminal network, operated under of an Estonian company called Rove Digital. Seven individuals were charged for engaging in a financial fraud scheme that spanned over 100 countries and infected 4 million computers. At least 500,000 of the victim computers were in the United States, including more than 130 NASA computers.
  • A Swedish citizen was indicted in 2009 for the theft of Cisco Systems, Inc., code and numerous intrusions into NASA systems. Losses of NASA estimated at more than $5 million.
  • “McColo Inc.” and “Triple Fiber Networks,” resulted in a shutdown. These ISPs were identified by NASA OIG and other law enforcement agencies as a major source of child pornography, e-mail spam, stolen credit cards, and malicious software. The U.S. District Court in the Northern District of California ordered McColo Inc. to pay the Federal Government a $1.08 million. The OIG investigation found that 53 NASA systems were affected by the criminal activity sponsored by McColo Inc., but none of the systems were critical.

  • In March 2009, Italian authorities raided the home of an Italian national suspected of taking part in several unauthorized intrusions into NASA JPL systems. Two computer systems used to support NASA’s Deep Space Network and several Goddard Space Flight Center systems were affected by the intrusions, although NASA officials assured that no critical space operations were ever at risk.
  • As a result of an OIG investigation and lengthy international coordination efforts, a Chinese national was detained in December 2010. Seven NASA systems, many containing export-restricted technical data, were compromised by the Chinese national.
  • In February 2011, a British citizen was sentenced in England to 18 months’ imprisonment for his role in the distribution of malware that caused NASA data to be compromised. Approximately 2,000 NASA e-mail users were infected with this malware as part of a worldwide computer fraud scheme.
  • In February 2011, a Texas man pled guilty to wire fraud in Federal court in Minnesota for hacking two NASA systems. Because of the intrusion, more than 3,000 registered users were denied access to oceanographic data supplied by NASA for several days. Direct remediation costs in this case exceeded $66,000.
  • The U.S. Attorney’s Office for the Southern District of New York announced in November 2011 the indictment of six Estonians and one Russian national who were part of an international fraud scheme that compromised more than 4 million computers worldwide, including 135 NASA systems. To date, authorities have seized more than $15 million in assets from the operation.
  • In November 2011, JPL IT Security reported suspicious network activity involving Chinese-based IP addresses. NASA review disclosed that the intruders had compromised the accounts of the most privileged JPL users.
  • In January 2012, a 20-year-old Romanian national was arrested by Romanian authorities for unauthorized accesses into numerous systems belonging to NASA, the Pentagon, the Romanian government, and commercial entities. Due to this intrusion, products from a variety of NASA scientific research efforts were inaccessible to the general public for a brief period of time. However, no long-term damage to the underlying programs has been reported.
  • In February 2012, a Romanian national was indicted in the Central District of California for hacking into JPL systems. The U.S. indictment followed convictions in Romania for related criminal activity. This series of intrusions resulted in losses of over $500,000 to the Atmospheric Infrared Sounder (AIRS) Program.
  • In 2016 NASA’s computer systems, were attacked by ‘New World Hacking’ team’s activists- ‘Anonymous’. The hackers claimed that they have shut down the space agency’s primary website and email servers through DDoS attack. The NWH is the group who claimed responsibility for shutting down Xbox online service, BBC news servers, HSBC UK’s online banking, the official website for Donald Trump’s election campaign, Salt Lake city Police and airport websites. The group stated that NASA was attacked because they were convinced that the agency has important information about the extremist organization ISIS but, the group refused to reveal the secret information about ISIS in the public.

What importance would ask someone does this for humanity? We all know that scientific studies and research have been synonymous for coexistence. NASA’s achievements are at the same time, an achievement of mankind for centuries. What is the invisible for today’s man? That invisible is the domination of technological development over political decisions? So the century’s advances in science have avoided political rivalries between states and nations.

Sources:

NASA Cybersecurity: An Examination of the Agency’s Information Security Statement of Paul K. Martin

Inspector General National Aeronautics and Space Administration. Https://oig.nasa.gov/congressional/FINAL_written_statement_for_%20IT_%20hearing_February_26_edit_v2.pdf

DDoSInfo – Information about DDoS and Denial of Service Attacks,

http://www.ddosinfo.com/author/enurrendy/page/34/

In Albanian version:

NASA dhe siguria kibernetike