The US National Aeronautics and Space Administration (NASA) issued an alert addressed to all personnel reporting that “Cyber Threats are Significantly Increasing.” The alert, issued by NASA’s Office of the Chief Information Officer, Renee Wynn, and dated 06 April 2020, warned that cyberattacks targeting Federal Agency Personnel are growing. The alert, posted on space news website SpaceRef, reports an exponential increase in malware attacks on NASA systems. Wynn’s alert also reports that the number of phishing emails targeting employees and contractors has doubled over the past several weeks.
NASA’s CISO states, “NASA employees and contractors should be aware that nation-states and cyber criminals are actively using the COVID-19 pandemic to exploit and target NASA electronic devices, networks, and personal devices.”
DHS and NCSC Issue Joint Cyber Threat Alert
Just yesterday the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint alert sounding the alarm over the numerous cyberattacks exploiting the Coronavirus pandemic as a lure.
The cyber threats reported by the CISO’s office are targeting NASA employees and contractors with the intent to steal sensitive information, harvest credentials, conduct denial of service (DoS) attacks, and scam victims. These attacks use phishing emails with malicious attachments and SMS text messages, both of which may contain links to harmful websites. Clicking on attachments in emails may infect a device with malware in a matter of seconds. Links in emails and SMS text messages may also send the user to a malicious website that is set up to harvest information or infect the user’s device with malware. Once a device is infected, the malware may download even more malware to it to steal information or money. These spoofed websites are designed to look like the websites of official health organizations, banks, or other financial institutions.
These attacks use COVID-19-themed lures, which may include requests for donations, updates on virus transmissions and outbreaks, safety measures, Coronavirus vaccines, and disinformation campaigns. Some of the campaigns may use messaging about tax refunds and the economic stimulus package or CARES Act. The goal of these campaigns is to trick victims into revealing sensitive information and to gain access to NASA systems, IT networks, and sensitive data.
The memo goes on to state that the attacks target all operating systems, computers, laptops, and mobile devices. They are not specific to any type of device or operating system. Smartphone users often think they are immune to malware and other cyberattacks because they are using a mobile device, but that is not true, since many of these attacks use emails, text messages, and messaging apps.
NASA Increasing Cyber Threats
- Doubling of email phishing attempts
- Exponential increase in malware attacks on NASA systems
- Double the number of mitigation blocks of NASA systems trying to access malicious sites (often unknowingly) due to users accessing the Internet
To help defend against future attacks, CISO Wynn recommends that NASA employees use their NASA VPN to protect their work. According to the alert, NASA emails containing sensitive information should be encrypted.
How to Help Protect Yourself from Cyberattacks
End users and system administrators should review the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) bulletin titled “Tips on Avoiding Social Engineering & Phishing Scams”: https://www.us-cert.gov/ncas/tips/ST04-014
- Do not open personal email or personal social media accounts on company devices
- Keep devices updated with the latest security patches and updates
- Utilize approved and authorized software, video, and teleconferencing systems and protect access instructions to them
- Do not click on links in unsolicited emails
- Do not click on links in SMS text messages