NASA's Assistant Administrator and the office of the Chief Human Capital, Bob Gibbs revealed that the US space agency suffered a security breach that may have affected employees who were on-boarded, separated from the agency and/or transferred between centres, between July 2006 and October 2018. After the incident, the agency understood that has to protect itself from the most sophisticated hackers.
Apart from the space-related operations, the agency, which includes brilliant scientific minds from all around the world, also aims to prevent cyberattacks on earth and International Space station. But the question is after the recent attempt to steal data on NASA employees, did they figure out the combat tactics for future attempts to steal personal data?
NASA under cyber threat
Earlier in 2011 and 2016 also NASA faced major data breach incidents. Then in 2018, on December 18, NASA sent an internal memo to all the employees. It mentioned that investigators discovered the breach on October 23, 2018, but they haven't identified the hackers. The space agency mentioned that an unknown intruder gained access to a server containing the personal information of the employees. But the scope of the breach and the number of affected employees weren't clear.
"Once identified, NASA will provide specific follow-up information to those employees, past and present, whose personally identifiable information (PII) was affected, to include offering identity protection services and related resources, as appropriate," said Gibbs.
How NASA employees can protect themselves?
Hackers could easily target the router and gain access to the personal data, files and networks. Since a router comes with username and password which are available on the internet, cybercriminals can break in and cause the damage. In such cases, the employees can log into the router's administration console and get that generic password changed.
After the changes in credentials and updating the system, people should adjust a few settings. However, if the router is being used for several years, and security options will show WPA or WEP, then change the router.
NASA employees do have a laptop to carry out immediate work from the outside of the office premises also. The employees have to use a VPN, which works as a layer of protection between devices and the internet. It hides IP or MAC address along with the location and encrypts the data that travels from a device to websites, visited by the employees.
While using unsecured networks such as public wi-fi connections, people send queries through cyberspace and they route through private networks to other servers, while exposing themselves to the hackers.
There are several incidents related to Phishing attacks which may target the users via emails, social media account and messages. If you receive an email along with a link which would state that the account has been compromised and password needs to be changed, then they should not click on the malicious link.