SpaceRef

SpaceRef


NASA CIO Agencywide Memo: Alert: Cyber Threats Significantly Increasing During Coronavirus Pandemic

Status Report From: NASA HQ
Posted: Monday, April 6, 2020

From: Agency-IT-Outreach agency-it-outreach - at - mail.nasa.gov
Subject: Alert: Cyber Threats Significantly Increasing During Coronavirus Pandemic
Date: April 6, 2020 at 1:20:22 PM EDT
To: Undisclosed recipients:;
Reply-To: Agency-IT-Outreach agency-it-outreach - at - mail.nasa.gov


Distribution Date:

April 6, 2020

To:

All NASA Personnel

Subject:

Alert: Cyber Threats Significantly Increasing During Coronavirus Pandemic

What’s Happening:

A new wave of cyber-attacks is targeting Federal Agency Personnel, required to telework from home, during the Novel Coronavirus (COVID-19) outbreak. During the past few weeks, NASA’s Security Operations Center (SOC) mitigation tools have prevented success of these attempts. Here are some examples of what’s been observed in the past few days:
·         Doubling of email phishing attempts 
·         Exponential increase in malware attacks on NASA systems
·         Double the number of mitigation-blocking of NASA systems trying to access malicious sites (often unknowingly) due to users accessing the Internet
 
Experts believe these malicious cyber-attacks will continue and  likely increase during the pandemic. NASA’s SOC continues to monitor and protect Agency systems, data, and intellectual property 24x7.

Please continue your vigilance, as you use NASA systems, and extend this to your home-computer usage as well. 
 

Background:

NASA employees and contractors should be aware that nation-states and cyber criminals are actively using the COVID-19 pandemic to exploit and target NASA electronic devices, networks, and personal devices. Some of their goals include accessing sensitive information, user names and passwords, conducting denial of service attacks, spreading disinformation, and carrying out scams. Cyber criminals have increased sending emails with malicious attachments and links to fraudulent websites, attempting to trick victims into revealing sensitive information and gain access to NASA systems, networks, and data. Lures include requests for donations, updates on virus transmissions, safety measures, tax refunds, fake vaccines, and disinformation campaigns. 
 
When someone clicks on these links, the unsuspecting user has malware delivered to their system (in split seconds) capable of data exfiltration (stealing our credentials, files, and information). This is not specific to computers, there are also phishing attacks occurring against mobile devices with similar lures, such as text messages or advertisements within applications, designed to entice victims to click on links designed to secretly have their sensitive information and account credentials harvested. 

What to Expect:

NASA employees and contractors should expect these cyber threats and cyber attacks to continue at an elevated level. Be cautious while working and when using your personal computers or mobile devices.
 

Action Required:

NASA’s Leadership team appreciates everything NASA personnel, around the world, are doing to protect themselves and the Agency in these uncertain times. NASA civil servants and contractors are always the first line of defense in identifying and reporting potential threats and should continue to exercise a high-level of vigilance and caution when utilizing NASA electronic devices and personal devices connected to the Internet. 
 
Visit the frequently-updated NASA People Site:https://nasapeople.nasa.gov/coronavirus/. It includes extensive resources for teleworking (Teams, WebEx, Skype) with NASA and our external Partners, links to the CDC and WHO, and shows the current Stage (1 – 4) of each NASA Center. 
 
In addition: 

·         Use the NASA VPN, prior to beginning to work. This allows your system to leverage ALL of NASA’s security protections.

·         Refrain from opening your personal email or non-work related social media on your NASA computer systems/devices. Also be cautious before clicking on links in text messages and social media.

·         Keep your personal email and social media separate from NASA.

·         Ensure your NASA electronic devices receive required patches and updates. 

·         Utilize approved and authorized software, video, and teleconferencing systems and protect access instructions to them. 

·         Continue to protect NASA sensitive information in accordance with NASA policies, including encrypting NASA emails containing sensitive information. 

·         Do not reveal personal or financial information in emails, and do not respond to email solicitations for this information. 

·         Review the Cybersecurity and Infrastructure Security Agency (CISA) Tips on Avoiding Social Engineering & Phishing Scams at: https://www.us-cert.gov/ncas/tips/ST04-014.

 

Support: 

Enterprise Service Desk (ESD) at https://esd.nasa.gov, or by phone at 1-877-677-2123, Option 2. 
 
For questions or to report any suspicious IT Security or cybersecurity incidents, please contact NASA’s Security Operations Center (SOC) available 24x7 via phone:  1-877-627-2732 (877-NASA-SEC), or email soc@nasa.gov.  
 

This notice was sent by the Office of the Chief Information Officer.


// end //

More status reports and news releases or top stories.

Please follow SpaceRef on Twitter and Like us on Facebook.