On May 1, NASA acknowledged that it was hacked by a new community called the Unknowns. The site in question was one hosted by the Glenn Research Center. NASA claims that security was never at risk.
“NASA security officials detected an intrusion into the site on April 20 and took it offline,” according to NASA’s official statement. “The agency takes the issue of IT security very seriously and at no point was sensitive or controlled information compromised. NASA has made significant progress to better protect the agency’s IT systems and is in the process of mitigation any remaining vulnerabilities that could allow intrusions in the future.”
The attack by the Unknowns exposed one of the cyber vulnerabilities NASA has but according to the letter from the Unknowns, helping NASA improve its defenses was their main goal. “We are not Anonymous Version 2 and we are not against the US government,” declared the online statement . “Our goal was never to harm anyone, we want to make this whole internet world more secured because, simply, it’s not at all and we want to help.”
The group claims to have emailed instructions on how to patch the weaknesses in the websites, but whether this will really change the overall cyber security of NASA websites is open to question. NASA manages over 3400 websites, which is around one-half of all US government sites. With the sheer volume of sites to manage, it is not surprising to learn that over 5,621 Cybersecurity incidents were reported in 2009 and 2010.