Representatives of the space agency said that NASA staff and home-based agency contractors have recently seen an increase in the number of hacker attacks, and that their devices are constantly attempting to access malicious sites.
According to official figures, in recent days NASA personnel have seen:
- a doubling of the number of phishing attacks by email;
- exponential growth of malicious attacks on NASA systems;
- a doubling of blocking and mitigation actions against NASA systems trying to access malicious sites (unknowingly, due to users accessing the Internet).
The last point means that NASA employees and contractors are actively clicking on malicious links sent to them via email or text messages, and that this now happens twice as often as usual. Social engineering is still one of the easiest ways to gain access to corporate networks and users’ computers.
The blocking and mitigation mechanisms that the NASA SOC uses seem to include blocking access to servers considered malicious or suspicious, as well as terminating dangerous downloads on agency computers. Unfortunately, these measures can hardly be called reliable, and it is much better when staff are trained to recognize phishing attempts and act accordingly.
“NASA employees and contractors should be aware that the APT and cybercriminals are actively using the COVID-19 pandemic to attempt exploitation and attacks on NASA’s electronic devices, networks and personal devices. In some cases, the goals of [criminals] include access to confidential information, usernames and passwords, conducting denial of service attacks, the spread of misinformation, and fraud”, NASA representatives said.
Cybercriminals have begun sending emails with malicious attachments and links to fraudulent sites more often, trying to get victims to disclose confidential information and provide access to NASA systems, networks and data. Such lures are often disguised as requests for donations, supposedly updated data on the methods of transmission of the virus, security measures, tax refunds, information on fake vaccines and disinformation campaigns.
As a result, contractors and staff are advised to exercise caution when using computers and mobile devices connected to the Internet and to exercise increased vigilance.
As we wrote earlier, NASA is not the only organization experiencing such difficulties. For example, the other day Check Point experts reported that 71% of cybersecurity experts have seen an increase in the number of threats and attacks since the beginning of the pandemic. The majority of respondents (55%) name phishing attempts as the main threat.
In second place are malicious sites that allegedly contain information and tips about coronavirus (32%). Next come an increase in malware (28%) and ransomware (19%).
“My new certificate log catcher is sucking in all the covid-19 and coronavirus domain certificates. 3,143 certificates in 24 hours today (UTC), not yet checked for duplicate domains re-registered for additional hosts”, reports information security expert Sean Gallagher.
Overall, attackers are very actively exploiting the new opportunities that the pandemic offers them.