Outer-space hacking a top concern for NASA’s cybersecurity chief

NASA scientists glean valuable data about powerful space explosions and the energy of black holes from their Swift and Fermi satellites. The projects were supposed to last a few years. Instead, they’ve survived for more than a decade.

That’s great for researchers but a challenge for Jeanette Hanna-Ruiz because of the projects’ ageing computer operating systems. As the space agency’s chief information security officer, she has to secure the data sent to and from planet Earth against cyberattacks.

“It’s a matter of time before someone hacks into something in space,” Hanna-Ruiz, 44, said in an interview at her office in Washington. “We see ourselves as a very attractive target.”

Cybersecurity at the National Aeronautics and Space Administration extends from maintaining email systems at the agency’s Washington headquarters to guarding US networks in Russia, where Americans serve on crews working with the International Space Station. The agency also has to protect huge amounts of in-house scientific data and the control systems at its 20 research centres, laboratories and other facilities in the United States.

Commandeering controls

Among Hanna-Ruiz’s concerns is hackers breaching communications between NASA and one of its 65 spacecraft transmitting research data.

“There could be a company that wants it, there could be a nation-state that wants it,” Hanna-Ruiz said. The challenge, she said, is, “How do I harden these streams and communications flows?”

Her nightmare is a direct cyberattack on a satellite, perhaps even allowing adversaries to commandeer the controls.

Hanna-Ruiz, a lawyer, started her stint at NASA in August. She previously managed Microsoft Corp’s consulting services and also served in cybersecurity advisory roles at the Department of Homeland Security and the White House during the Obama administration.

Her goal in the next 12 to 18 months, she said, is to “get control of our internal network” and work with the agency’s space missions on cybersecurity.

Last year, NASA reported 1,484 “cyber incidents”, including hundreds of attacks executed from websites or web-based applications, as well as the loss or theft of computing devices, according to the Office of Management and Budget’s annual report to Congress in March on federal cyber performance.

NASA aims to show “we’re leading the way in security – that’s the place we want to get to,” Hanna-Ruiz said.


Source: The Star Online


Related posts