Our Most Powerful Telescopes are Under Unknown Cyber Attack
Some recent cyber attacks have held users of the National Science Foundation (NSF) telescopes for ransom. The NSF is equipped with the most powerful earth-based telescope, which services astronomers from around the globe for coordinated research.
Unfortunately, the cyber attack has made it impossible for many of the researchers to gain remote access to the telescopes. This has affected ongoing research, since the schedule of astrological observations has been breached.
Differences Between Earth-based and Space Probe Telescope
At the first mention of a telescope, space probes like the Hubble Space and James Webb Telescope come to mind. Due to their launch publicity, these space probes tend to be more popular than their Earth-based counterpart.
Earth-based telescopes are as complex as space probes, but they are basically giant mirrors and lenses strategically positioned for astronomical observations.
The Scope of the Disruption
The NSF telescopes are physically accessible for observations; however, not all researchers can afford the luxury of physically visiting Chile and Hawaii for their astronomical observations.
Besides being situated in remote locations, it would definitely be counterproductive to pack astronomy researchers from around the globe in one geographical location. Therefore, many of these experts access the telescopes remotely.
The Cyber Threat in Perspective
While the NSF’s Earth-based telescopes are physically functional, the inability to access them remotely has handicapped a huge number of researchers.
Also, since astronomy usually involves timed observations, a lot of the research has suffered major setbacks over the course of the remote blackout. There are just a few workers physically present, and they can only do so much.
How the Cyber Attack was Detected
On August 1, 2023, it was observed that the Gemini North telescope of the NSF was experiencing a cyberattack. This telescope is located in Hilo, Hawaii, and the attack made it inaccessible to remote astronomy collaborators from around the world.
The breach was discovered by the cybersecurity team at the NSF’s coordinating center, known as NOIRLab. The team is tasked with the responsibility of running the telescopes with minimal hitch.
Salvaging a Dire Situation
NOIRLab’s cybersecurity team was forced to take the Gemini North telescope offline after discovering the attack. Afterward, the telescope could not be used for remote observations.
Likewise, the Gemini South telescope, located in the Cerro Pachón mountains of Chile, was also shut down to avoid any physical damage to the expensive astronomy facilities.
Precautionary Disconnection of the Cerro Telescopes
After the security breach of NSF’s Hawaiian telescope was discovered, NOIRLab proceeded to disconnect the Chilean telescopes from its computer network. This precautionary step would prevent the vulnerability from spreading throughout the network.
Besides two Mid-Scale Observatories (MBO) affected by the shutdown, some other eight affiliate telescopes in Chile were taken off the computer grid.
A Huge Setback for Researchers
The cyber attack has had a domino effect on the activities of the astronomical community. For example, the schedule of progression and completion of several astronomical studies have been affected.
Astronomical research turns out to be strictly guided by time. Some observation windows are only available in 100-year cycles, depending on the Earth’s alignment with the heavenly body being studied.
Creating Anxiety in the Astronomical Community
Besides having to strictly keep up with observation windows, researchers – in particular, those with a tenured research timeline – are facing local challenges.
For example, a postdoc researcher from Arizona State University had been using telescopes in the Gemini South setup to investigate exoplanets. Unfortunately, his work has been put on hold since the cyber attack, and no one knows when the facilities will be back online.
Working Around the Bottleneck
In a bid to help remote researchers, NOIRLab staff is making an effort to make as many on-site observations as possible.
Of course, they can’t continue on-site observations for long. So, the NOIRLab cybersecurity team is working tirelessly to make sure the vulnerabilities are addressed. Also, some institutions are considering flying their graduate students to Chile to conduct the on-site observations themselves.
Why Would Anyone Want to Attack a Research Observatory?
Pinpointing the rationale for the attack has troubled cybersecurity experts. The NSF telescopes are not being used for some spectacular or top-secret research, so it begs the question of why cyber attackers would make the facility a target.
A former head of the NSF Cybersecurity Center is of the opinion that the attackers may be unaware of the kind of facility being attacked.
Preventing Future Attacks
Cybersecurity experts have pointed out the necessity of high-end security architecture and software for facilities like the NSF telescopes. Sure, their research may not inherently be something to shroud in secrecy.
However, vulnerabilities like the recent one have to be checked by all available means. Also, beyond the deployed cybersecurity features, human users will have to check exposure to vulnerabilities on their own end.