EXECUTIVE SUMMARY:
Two major astronomy observatories – the Gemini North Telescope in Hawaii and the Gemini South Telescope in Chile – were forced to halt operations on account of a cyber attack. The incident also disrupted several smaller telescopes.
Because astronomical studies and activities sometimes need to be precisely scheduled, disruptions like this can completely derail research efforts if a certain number of critical observation windows are missed.
For each day that lapses where facilities remain unavailable to researchers, a cost is incurred by the scientific community – and the cost is in research data lost, not just monetary resources.
Work in progress
“Our staff are working with cyber security experts to get all the impacted telescopes and our websites back online as soon as possible and are encouraged by the progress made thus far,” NOIRLab said in an update.
Like the entire astronomy community, we are disappointed that some of our telescopes are not currently observing.” A handful of telescopes are being operated manually, allowing for some normal functionality and the pursuit of select scientific endeavors.
The whole picture
The International Gemini Observatory, which operates the Gemini North and the Gemini South telescopes, enables scientists to obtain a near-complete view of the night sky – they can see the whole picture.
In the past, the two telescopes have assisted astronomers in capturing an array of celestial events, including the births of supernovae. In 2022, researchers using Gemini North observed the closest-known black hole to Earth.
Cyber attack
The nature of the cyber incident remains a mystery. ‘What was the motive?,’ scientists and others have wondered.
Roughly two weeks after the initial incident, the United States National Counterintelligence and Security Center published a bulletin about cyber threats to American space companies and research entities.
Foreign spies and hackers are acutely aware of how important the space industry is to the U.S. economy and to national security, especially due to the dependence of critical infrastructure on space-based assets.
Some perceive American space-related innovation and corresponding assets as threats and/or as opportunities to exploit for the purposes of acquiring technologies and expertise.
American officials believe that the opening maneuver in the next international conflict will likely involve rendering space-based communications and imaging satellites ineffective, according to the New York Times.
Ransomware
The affected astronomy observatories have refused to elaborate on the nature of the cyber attack or to disclose whether or not the attackers demanded a ransom.
It has been assumed that one motive for the attack, perhaps among others, is to extract money from observatory operators.
Last year, the Atacama Large Millimeter Array (ALMA) Observatory in Chile experienced a ransomware attack that took everything offline for nearly 60 days.
Preventing space-based threats
To prevent future threats, those researching the universe will need to devote additional resources to IT security, especially as cyber attacks become increasingly sophisticated.
Cyber security professionals in the space sector should take care to track anomalous incidents on computer networks and should actively search for breaches.
In addition, the sector is advised to identify potential foreign agents inside the business. Further, emphasis should be placed on protecting important intellectual properties.
For more on this topic from CyberTalk.org, please see our past coverage. Lastly, to receive more timely cyber security insights and cutting-edge analyses, please sign up for the cybertalk.org newsletter.