The effects of the SolarWinds hack extend out into the final frontier.
In December 2020, news broke that a cyberattack had breached the defenses of the U.S. Treasury Department and one branch of the Department of Commerce.
Over the ensuing days and weeks, however, it became clear that the hack was much broader than that. In February, U.S. officials confirmed that nine federal agencies were infiltrated over the months-long cyberespionage campaign, a Russian-led effort that became known as SolarWinds after one of the companies whose software the hackers used as an access point.
Defense Department password is cracked in 9 seconds. So how safe are US weapons?
That same month, The Washington Post reported that NASA was one of those nine infiltrated agencies. NASA leaders know that the space agency, with its huge stores of advanced technical data, is an inviting target for hackers and therefore take significant measures to head them off. Even still it was compromised, and that shook the agency up.
“SolarWinds was a big wakeup call,” Kathy Lueders, the head of NASA’s Human Exploration and Operations Mission Directorate, said on Tuesday (May 25) during the joint spring meeting of the Aeronautics and Space Engineering Board and the Space Studies Board, both of which are part of the U.S. National Academies of Sciences, Engineering and Medicine. “It was tough.”
Cybersecurity is a big concern for NASA’s human spaceflight team, Lueders said. To ensure the safety of the astronauts aboard the International Space Station, she and her colleagues have to retain control over their systems 24 hours a day, 365 days a year.
And those systems are complex, numerous and varied, with significant contributions from foreign and private-sector partners. For example, astronauts already fly to and from the orbiting lab on Russian Soyuz spacecraft and SpaceX Crew Dragon capsules, and they’ll soon start making the trip aboard Boeing’s Starliner capsule as well, if all goes according to plan.
“When you have to work with commercial providers, you have to think of them as potential targets, too,” Lueders said. “It’s a big struggle for us, because we’re also trying to figure out how to use more and more commercial assets that are vulnerable.”
There’s a temptation to meet cybersecurity challenges by looking backward and relying on tried and true technology, she added. But that cannot be a standalone solution for NASA, which is mapping out an ambitious spaceflight future.
“We’ve got to figure out how to be able to do this and protect ourselves while still being on the cutting edge,” she said. That’s “the big, big challenge for us — huge challenge for us.”
Mike Wall is the author of “Out There” (Grand Central Publishing, 2018; illustrated by Karl Tate), a book about the search for alien life. Follow him on Twitter @michaeldwall. Follow us on Twitter @Spacedotcom or Facebook.
