Space Agency CIO Notes Malicious Actors Taking Advantage of COVID-19 Crisis
With the COVID-19 pandemic forcing U.S. federal government employees and contractors to work from home, the National Aeronautics and Space Administration is seeing an increase in hacker attacks targeting its newly mobile workforce, according to a memo from NASA’s CIO, Renee Wynn.
Wynn says that NASA’s security operations center reports that the amount of phishing emails targeting employees and contractors has doubled over the past several weeks.
The security operations center also has seen an “exponential increase” in the amount of malware targeting NASA’s systems and an uptick in agency devices attempting to connect to known malicious sites, Wynn notes. As a result, NASA is increasing the use of mitigation tools to block devices from connecting to these sites, the memo states.
Cyberattacks targeting NASA are the work of nation-state actors and cybercriminals looking to exploit the COVID-19 pandemic, Wynn says.
In the past month, reports from security firms and government agencies have noted increases in phishing emails and business email compromise scams during the pandemic (see: FBI: COVID-19-Themed Business Email Compromise Scams Surge).
“Experts believe these malicious cyberattacks will continue and likely increase during the pandemic,” according to Wynn’s memo, which was posted to SpaceRef, a website dedicated to NASA and space exploration news.
A NASA spokesperson says the security operations center is working to mitigate the emerging threats.
“NASA’s IT systems are attractive targets for cybercriminals and nation-state actors, who may want to steal, jam, spoof or hijack our systems, data and datalinks,” the spokesperson tells Information Security Media Group.
Targeting Sensitive Data
The memo warns that many of the recent cyberattacks targeting NASA are designed to steal sensitive data or gain access to internal systems. Not only are attackers targeting NASA-issued devices, but also personal devices employees and contractors might be using from home for work purposes.
“Some of their goals include accessing sensitive information, usernames and passwords, conducting denial-of-service attacks, spreading disinformation and carrying out scams,” the memo states.
In March, the U.S. Department of Defense warned its employees and contractors to take additional security precautions to guard against similar hacking attempts (see: DOD Warns of Cyber Risks as Employees Work From Home).
Basic Security Steps
The memo outlines security steps that NASA employees and contractors should use as they work remotely from home. These include:
- Using the NASA-approved VPN to connect the agency’s network;
- Avoiding accessing personal email accounts and social media sites from NASA devices;
- Checking with IT managers about patches and updates for NASA devices;
- Using encryption for emails that contains sensitive NASA information.
In a recent interview with Information Security Media Group, Tom Kellermann of VMware Carbon Black urges those working from home to practice what he calls “digital distancing.” This includes, for example, using separate routers for work and home use (see: COVID-19 and the Need for ‘Digital Distancing’).