NASA’s cybersecurity readiness
The cyber threat landscape is highly dynamic and extremely difficult to keep pace with. Attackers are not only developing new techniques to evade security, but threats—such as spam, phishing, and malware—are growing in complexity and precision. The importance of having a robust defense against such attacks was highlighted by the SolarWinds breach, a large-scale hack of government and private information technology (IT) assets that became public in December 2020.
Meanwhile, IT applications and architecture continue to evolve rapidly during a period of increasing reliance on digital connections during the COVID-19 pandemic.
Given its high-profile mission and broad connectivity with the public, educational institutions, research facilities, and other outside organizations, NASA presents cybercriminals a larger potential target than most government agencies. In response, the Agency has worked to improve its cybersecurity preparedness with efforts led by the Office of the Chief Information Officer (OCIO). Nonetheless, in the last 4 years alone NASA experienced more than 6,000 cyber-attacks, including phishing scams and introduction of malware into Agency systems. Consequently, it is vital that the Agency develop strong cybersecurity practices to protect itself from current and future threats.