Fifty years ago, July 1969, David Bowie released his iconic ‘Space Odyssey’ song, NASA launched Apollo 11, and astronauts took their first steps on the moon. It was a momentous time in the history of space travel.
Little did NASA or any of us know back then, that fifty years later, the danger would lurk – not in some unknown planet, but a different type of world – namely the ‘online’ world.
We can all be excused for this oversight since back then the ‘online’ world was yet to be discovered. There was no Internet or Wi-Fi. Acronyms such as BYOD and IoT would only take meaning decades later, and Raspberry Pi was still thought of as a dessert, not a small computer vulnerable to attack.
The world is a very different place today. We live in the era of the Internet, where everyone and everything is connected. NASA is no exception; they have networks that control spacecraft, collect scientific data, and perform critical operations. Like other organizations, their networks are constantly under attack by cybercriminals.
A report by the NASA Office of the Inspector General was published last month and outlined its findings from an investigation into a security breach affecting NASA’s Jet Propulsion Laboratory (JPL) in March 2018.
The comprehensive NASA report makes for an interesting read – not because the breach is different from other breaches you read about, but instead because of how eerily similar the cybersecurity attack ‘narrative’ has become.
For example, the narrative typically goes as follows:
In many ways, the NASA breach is no different to the Sony Pictures breach back in 2014, or many other breaches. The Sony breach resulted from a compromised password. However, the real damage occurred due to the unprecedented breadth and sensitivity of the data that the hacker gained access to as they roamed at will and unnoticed on the network for months. Data included everything from employees’ personal information, yet-to-be-released movies, and executive emails.
Like space travel was fifty years ago, cybersecurity is a monumental challenge faced by society today. While we may not have all the answers, as we learn about more attacks and their similarities, there are some points worth repeating. Specifically:
1) No company is immune from cyber-attacks
If cyberattacks and data breaches can happen to the world’s best-known brands – NASA, Sony, Target, Home Depot, Saks, British Airways, T-Mobile, and others – they can happen to any company. No company can take security for granted. Tackling security is a journey, and a multi-layered approach is critical.
2) Network visibility is essential
In the NASA breach, the Raspberry Pi had been attached to the network by an employee; however, insufficient security controls meant that NASA administrators did not know it was there. That oversight left the device unmonitored on the network, allowing the attacker to take control of it and use it to steal data. Not only are many businesses unaware of the endpoints connected to their networks, but they also lack the in-depth visibility to know what, where, and with who devices may be communicating. Network security requires visibility. Investing in analytics is a great place to start, as discussed in the 6 Things You Need to Know About IoT Security in 2019 blog post.
3) Contain the damage with network segmentation
One of the most overlooked security strategies continues to be network segmentation and isolation. It is critical to segment a network and only give users, and devices access to the information and parts of the network they need. If a person has a malicious or criminal intent, the potential for damage can be contained, as highlighted in the How the Right Network Design Can Prevent a Catastrophic “Headline-Making” Security Attack blog post.
To learn more about network security, check out some of the resources below: