Coronavirus has millions of Americans working from home, including many staffers at NASA. As if the prospect of monitoring the entirety of space on a laptop in your apartment weren't daunting enough, the agency's Chief Information Officer (CIO) Renee Wynn is warning staffers that NASA has seen a significant increase in the number of cyber threats targeted at its employees and operations.
According to a memo circulated by Wynn's office to the rest of the agency, attackers have started to set their sights on remote workers who may currently be less protected on their home networks than they would be inside NASA's secured offices. The memo warns that in the last few days, the agency has identified a doubling in the number of email phishing attempts directed at NASA email accounts and an "exponential increase" in the number of malware attacks aimed at NASA systems.
NASA confirmed the authenticity of the memo to Mic. "The security of NASA’s information technology is a top agency priority," a spokesperson for the agency said. "During the COVID-19 pandemic, NASA has seen an increased number of cyber threats that include phishing attempts and malware attacks. NASA cybersecurity tools have mitigated the impact of these attacks. NASA’s Security Operations Center (SOC) continues to monitor and protect Agency systems, data and intellectual property 24x7."
NASA's CIO also noted that the agency's systems have blocked twice as many attempts to access malicious sites in recent days, which is particularly concerning. That increase suggests that more employees and contractors are being lured or accidentally accessing sites, given that NASA's defenses against these efforts have had to block access to those sites with more regularity. Those sites may attempt to steal login credentials or install harmful and malicious software on NASA employees' devices. These types of threats can come in a number of ways, but are most common as links included in emails or text messages.
According to the memo, NASA believes these upticks in attacks are the result of both nation-state actors and rouge cyber criminals who are using the coronavirus pandemic to their advantage in attacking potential victims. NASA's CIO reported that these malicious efforts are often presented as "requests for donations, updates on virus transmissions, safety measures, tax refunds, fake vaccines, and disinformation campaigns." The agency warned that while these messages may seem legitimate at first, they are typically attempts to gain access to sensitive information including usernames and passwords or to hijack devices belonging to NASA employees that may then help the attackers access other NASA systems.
In order to mitigate these threats, NASA is asking that its workers remain vigilant and aware of the increased level of attacks. NASA has its own virtual private network (VPN) that it requires employees and contractors to activate prior to starting their work day in order to stop potential attacks that could intercept sensitive information. The agency is also asking workers to refrain from accessing personal emails and social media accounts on NASA issued devices and keep all devices up to date with the latest software and security patches.
The attacks are unlikely to go away any time soon. The memo warned that "these malicious cyber-attacks will continue and likely increase during the pandemic." NASA isn't alone in this threat, either — scammers have been all in on attempting to take advantage of the unprecedented crisis and profit off the confusion and misfortune of others. NASA is filled with some of the brightest minds in the world, but even astrophysicists can fall victim to clicking a malicious link every now and then.