Pierluigi Paganini April 08, 2020

This week, NASA sent out a memo to its personnel warning of a significant increase in the cyberattacks during the Coronavirus outbreak.

NASA sent out a memo to its personnel warning of a significant increase in cyberattacks on the agency while its employees are in smart-working due to the Coronavirus outbreak. According to the Agency, roughly 75 percent of its employees are currently working from home.

The memo was obtained by the website SpaceRef, it warns of both phishing attacks and malware-based attacks. According to the advisory issued by NASA, the number of phishing attempts doubled in the past few days, at the same time the number of malware attacks on its systems has grown exponentially.

“A new wave of cyber-attacks is targeting Federal Agency Personnel, required to telework from home, during the Novel Coronavirus (COVID-19) outbreak. During the past few weeks, NASA’s Security Operations Center (SOC) mitigation tools have prevented success of these attempts.” reads the memo.

• “Here are some examples of what’s been observed in the past few days: Doubling of email phishing attempts
• Exponential increase in malware attacks on NASA systems
• Double the number of mitigation-blocking of NASA systems trying to access malicious sites (often unknowingly) due to users accessing the Internet”

NASA experts believe that the attacks will continue during the pandemic, the good news is that the SOC of the agency doubled the number of blocked attempts to access malicious websites.

Employes must be vigilant while accessing NASA systems, the agency is particularly concerned with nation-state actors that are carrying out Coronavirus-themed attacks.

“NASA employees and contractors should be aware that nation-states and cyber criminals are actively using the COVID-19 pandemic to exploit and target NASA electronic devices, networks, and personal devices.” continues the memo. “Some of their goals include accessing sensitive information, user names and passwords, conducting denial of service attacks, spreading disinformation, and carrying out scams,”

NASA also warns of cyber attacks launched by cyber criminals, they are using an increasing number of spam messages using malicious attachments and links to fraudulent websites.

Most of the attacks observed in this period use the COVID19 as a lure, the agency observed fake donations, updates on virus transmissions, safety measures, tax refunds, fake vaccines, and disinformation campaigns.

The memo invited NASA personnel to use VPN and regularly visit a dedicated website that provides information related to working during the COVID-19 outbreak.

Below the list of suggestions included in the agency’s memo:

 Use the NASA VPN, prior to beginning to work. This allows your system to leverage ALL of NASA’s security protections.

• Refrain from opening your personal email or non-work related social media on your NASA computer systems/devices. Also be cautious before clicking on links in text messages and social media.
• Keep your personal email and social media separate from NASA.
• Ensure your NASA electronic devices receive required patches and updates. 
• Utilize approved and authorized software, video, and teleconferencing systems and protect access instructions to them. 
• Continue to protect NASA sensitive information in accordance with NASA policies, including encrypting NASA emails containing sensitive information. 
• Do not reveal personal or financial information in emails, and do not respond to email solicitations for this information. 
• Review the Cybersecurity and Infrastructure Security Agency (CISA) Tips on Avoiding Social Engineering & Phishing Scams at: https://www.us-cert.gov/ncas/tips/ST04-014.

Pierluigi Paganini

(SecurityAffairs – hacking, Coronavirus)

[adrotate banner=”5″]

[adrotate banner=”13″]