While the agency recorded 1,468 incidents, its budget was cut last year, according to a report from Atlas VPN.
Image: iStockphoto / NicoElNino
There were 1,468 cyber incidents at NASA in 2019 – an amazing 366% increase. This comes from data extracted and analyzed by Atlas VPN and published the results in a new report. As one of the country's major federal agencies, "this is an alarming finding," the company said.
Cyber incidents at NASA can affect national security, intellectual property, and people whose data could be lost due to data breaches. In its 2019 financial report to Congress (PDF), the Office of Administration and Budget (OMB) stated that NASA is continuously improving its security systems, but a wide range of digital information and assets remain at risk.
Any attempted or unauthorized access, use, disclosure or destruction of information is considered a digital security incident, according to Atlas VPN. Digital incidents include intrusions within the organization and violations of NASA's computer policies and regulations.
OMB reviews government agencies annually. The office is also responsible for the development and monitoring of the implementation of
Guidelines, standards and guidelines for cyber security in federal authorities.
SEE: VPN: Choosing a provider and troubleshooting tips (free PDF) (TechRepublic)
In 2018, according to Atlas VPN, there were only 315 cyber incidents at NASA.
Incidents caused by improper use increased the most from 180 in 2018 to 1,329 in 2019, representing a growth of 638% per year. Improper use is described as an incident that is the result of an authorized user violating an organization's acceptable usage guidelines.
"For example, a user installs unapproved file sharing software, which results in the loss of confidential data, or a user does illegal activity on a system," said Atlas VPN.
Other incidents are different types of attacks that do not fit into any of the above categories.
Although email attacks are one of the most common infection methods in public companies, they are not as common at NASA: According to Atlas VPN, only six cases were registered in 2019.
In addition, employees lost or stole the company's equipment 15 times in 2019, the company said. Lost or stolen corporate / government assets pose enormous security risks as fraudsters have plenty of time to infiltrate the device.
"It should be noted that NASA employs more than 17,000 people, so some of them may lose or steal equipment even if cybercriminals do not directly attack NASA," the company said.
NASA's cybersecurity budget has dropped
In conclusion, OMB concluded that while NASA continues to make progress in securing its networks and information systems, its cyber security program remains ineffective, said Atlas VPN.
Of all the major federal agencies, NASA is one of the few with a smaller cybersecurity budget. The budget for digital security purposes decreased by $ 3.1 million in 2019.
"Interestingly, almost all other institutions have increased their cybersecurity budgets," the company said. "The fact that NASA saw the largest increase in cyber incidents could lead to the conclusion that the reduction in the cybersecurity budget had a direct negative impact."
The Department of Defense (DOD) received around 50% of the federal cybersecurity budget in 2019, which is equivalent to over $ 8.5 billion. Compared to 2018, DOD received another $ 479 million, according to Atlas VPN.
The second in line is the Department of Homeland (DHS) security at $ 2.59 billion for cybersecurity purposes in 2019. Unlike 2018, the DHS cybersecurity budget increased by $ 731.9 million , which is an increase of over 39%.
According to Atlas VPN, funds for strengthening the IT infrastructure rose in all of the remaining agencies mentioned.
The increase in cybersecurity spending is due to the federal authorities switching to electronic data storage to keep records. Appropriate cybersecurity measures to protect this sensitive data are essential to maintain public confidence in the federal government.
Although the number of cyber incidents at NASA has increased the most, according to the US Senate (PDF), many other federal agencies are insufficiently protected, the company said. Federal agencies continue to find it difficult to protect internal networks, even if billions of dollars are spent on cyber security.
"The complexity, technological diversity, and (and) geographic decentralization of government networks are the greatest digital security challenges these institutions face."
In addition, federal agencies still run on systems that are supported by outdated languages. According to Atlas VPN, these systems require more resources for maintenance every year. "One of the most important recommendations of the congress is that the federal government must regularly and systematically modernize its systems."
Cybersecurity Insider Newsletter
Strengthen your company's IT security defenses by keeping up to date with the latest cyber security news, solutions, and best practices.
Delivery on Tuesdays and Thursdays
Sign up today