NASA's cybersecurity incidents rose 266% last year
NASA has been hit hard by cyber attacks in the past 12 months, with a 366% increase in ‘cyber incidents’ last year, according to new data from Atlas VPN and the US Office of Management and Budget (OMB).
The aeronautical organisation, which is an independent agency of the United States federal government, holds data relating to US national security, intellectual property and other sensitive data which could pose a serious risk if lost to data breaches.
OMB, which is responsible for developing and implementing cybersecurity in federal agencies, found that the tally of cyber incidents increased from 315 in 2018 to 1,468 in 2019.
Cyber incidents, as defined by OMB, can refer to both the traditional view of cyber attacks as well as interference with operations within the organisation, and violations of NASA’s computing policies.
Incidents caused by improper usage increased the most, from 180 in 2018 to 1,329 in 2019, representing a 638% growth per year.
Improper use is described as any incident resulting from a violation of an organisation’s acceptable usage policies by an authorised user.
This can include a situation where a user installs unapproved file-sharing software, leading to the loss of sensitive data; or a user performs illegal activities on a system.
OMB stated in its report that NASA’s cybersecurity program ‘remains ineffective’ – and points to the fact that the aeronautical agency’s cybersecurity budget decreased by $3.1 million in 2019, while Atlas VPN said ‘almost all other institutions saw an increase’.
The Department of Defense (DOD) received around 50% of the federal cybersecurity budget in 2019, which is over $8.5 billion. In comparison to 2018, DOD received an additional $479 million.
The second in line is the Department of Homeland (DHS) security, with $2.59 billion funds for cybersecurity purposes in 2019. In contrast to 2018, the DHS cybersecurity budget grew by $731.9 million, increasing by 39%.
Atlas VPN says the increase in cybersecurity spending can be attributed to US federal agencies moving towards electronic data storage to maintain records, which in turn need strong security measures to protect sensitive data.
The complexity, technological diversity, and geographical decentralisation of government networks are the main digital security challenges that federal institutions face.
Another serious issue is the continuation and maintenance of outdated systems run throughout many of these government agencies, which every year require more funds to maintain.
This has resulted in Congress recommending that the federal government should lead the way in modernising their IT systems regularly and systematically, according to Atlas VPN.