When the U.S. government partially shut down in December, furloughing almost all NASA employees for 35 days, missed paychecks and stalled science weren't the only issues NASA had to worry about. The shutdown also threatened the agency's cybersecurity, NASA officials said at a post-shutdown town hall meeting Tuesday (Jan. 29).
"NASA is one of the — it is the most attacked agency in the federal government when it comes to cybersecurity," NASA Administrator Jim Bridenstine told a room full of NASA employees at the town hall, which took place at the agency's headquarters in Washington, D.C.
"Across the world there are governments that are very, very interested in what we're doing, because technology ultimately determines the balance of power on Earth, and we are doing things that are very, very advanced technology," Bridenstine said. "There are people who would love to use it not for the benefit of humankind, but for their own power purposes." [Government Shutdown May Have Done Long-Term Damage to NASA]
While nearly 95 percent of the agency's employees could not come to work during the government shutdown, those working in NASA's Security Operations Center (SOC) never stopped fighting cybersecurity threats, Renee Wynn, NASA's Chief Information Officer, said during the town hall. The center, located at NASA Ames Research Center in California, operates 24/7 every day of the year, no matter what. "No snow stops them from coming in and taking care of and monitoring what's going on in our networks," Wynn said.
"We do have to protect your data, and we have to protect the integrity of all the data that NASA gets and shares," Wynn said. "That is our main driver in cybersecurity. [It's] you and our name, our reputation — which is through our data and the science, engineering, mathematics and technology discovered through that."
The SOC researched incidents throughout the shutdown, and they reported that, on average, the agency faced about one cybersecurity threat per day, Wynn said. This doesn't necessarily mean that hackers were breaking into NASA computers every day, though. A NASA employee losing their government phone also counts as a security threat. "Please stop losing your devices," Wynn told the NASA employees in the room.
Thanks to the indispensability of the SOC, "cybersecurity in the most part was fully functional" during the shutdown, Wynn said. "I say 'in the most part,' because we also had to think about funds conservation, and so while cybersecurity is important, there are things that are more important than other things."
For example, some NASA websites had to be taken down during the shutdown because their website certificates had expired. "We left our websites up until they posed a threat to the agency," Wynn said. Websites deemed insecure could be vulnerable to hacking, putting NASA's data at risk. Over the course of the 35-day shutdown, NASA took down at least 35 sites because their security certificates expired, Wynn said. "So, we took them down because the information on [them] wasn't critical to shutdown or to a certain active function in the agency."
NASA employees who remained at work during the shutdown also had problems running certain software programs on their computers, because they were unable to renew software licenses and install security patches. "If you don't have a license for your software, you're not getting the patches, and we get fixes every single day for all the software that we do," Wynn said. On their first day back at work after the shutdown ended, furloughed employees had to patiently wait for their computers to install all the updates and security patches before they could get back to work.
Despite any security concerns brought on by the shutdown, Wynn was pleased to report that the most recent scan by the Department of Homeland Security showed that NASA "had no external-facing, critical issues," she said. "In my opinion, for now, we got through this really well."