Urgent: Malware Attacks Occurring in Conjunction with Recent NSA Headlines

Subject: Urgent: Malware Attacks Occurring in Conjunction with Recent NSA Headlines.
To: NASA Civil Servants and Contractors
From: Agency-IT-Outreach
Date: June 12, 2013

What is Happening:

Malicious hackers leverage sensational events (such as key news stories, scandals, etc.) to take advantage of people accessing websites to seek additional information. Information systems are being infected from malware and spyware piggybacking on downloaded documents (the current attack is occurring via a Java application).

To protect NASA information systems, NASA Civil Servants, Grantees, and Contractors are never to download classified material-released to the public. NASA considers all classified materials as classified, until otherwise labeled. Information being distributed publicly does not mean the information is considered unclassified by the government.

Action Required:

Never download classified materials, released to the public. This is a direct violation of NASA policy.

Always be vigilant of websites you visit, especially when they focus on sensational or catastrophic events.

If you think your NASA system has been compromised, immediately notify your Center’s IT Security Office, and the NASA OCIO Security Operations Center (SOC). Your Center Information Security Office and the SOC will take steps to halt any malicious activity, and potential threats to NASA.

Support:

For assistance with NASA policy, contact your Center Chief Information Security Officer (CISO). A full list is located here: http://insidenasa.nasa.gov/ocio/security/ITSM_POCs.html