recommended reading

Audit Finds 'Hostile Probes,' Breaches of Weather Satellite System

A satellite image of the United States taken with NASA satellites and NOAA's Joint Polar Satellite System.

A satellite image of the United States taken with NASA satellites and NOAA's Joint Polar Satellite System. // NASA/NOAA

Updated: This story was updated with comment from a NOAA spokesman. 

The nation's weather satellite program over the course of a year suffered 10 data security incidents, including unauthorized access and probes by adversaries, according to a congressional auditor.

The $11.3 billion Joint Polar Satellite System is set to launch the program’s first next-gen spacecraft, the JPSS-1, in March 2017.

But the ground stations that handle satellite communications and data processing "remain at high risk of compromise," David Powner, the Government Accountability Office's director of IT management issues, said in a new report. 

The satellite program, which is run by the National Oceanic and Atmospheric Administration, feeds prediction models and aids weather forecasters on the ground.

"NOAA has experienced several recent information security incidents regarding unauthorized access to Web servers and computers," Powner said in the audit, released Tuesday. The six episodes now considered closed matters "involved hostile probes, improper usage, unauthorized access, password sharing, and other IT-related security concerns."

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

On Wednesday, NOAA declined to provide more information due to national security.

"While NOAA cannot publicly comment on these specific incidents, due to reasons related to national security, all cyber security threats are taken seriously and addressed quickly. NOAA remains committed to maintaining the highest possible level of information security," agency spokesman John Leslie said in an emailed statement to Nextgov.

The Government Accountability Office had directed Nextgov to the agency for specifics, because of the sensitivity of the issue.

According to the audit, there is a discrepancy between the program office and agency incident response team over how many of the 10 cases have been handled fully. 

Two of the four incidents the JPSS program office recommended be closed remain open. The NOAA incident response team ultimately is responsible for acting on the recommendation, according to the program office. 

"Until NOAA and the JPSS program have a consistent understanding of the status of incidents, there is an increased risk that key vulnerabilities will not be identified or properly addressed," as well as "tracked to closure,” Powner said.

Agency officials told Powner work is underway on a new tool to improve the uniformity and timeliness of incident tracking.

The ground system is highly susceptible to compromise because, among other things, the agency has not executed nearly half of the recommended standard security controls and has not patched key vulnerabilities, the audit states.

As of August 2015, there were 1,400 critical and high-risk vulnerabilities that included outdated software, an obsolete Web server and old antivirus definitions. NOAA, which is part of the Commerce Department, is not scheduled to finish fixing the security holes until August of this year and January 2017.

By that time, the vulnerabilities will have been open to potential attack for between 17 and 22 months longer than required by the government, according to the audit.

Commerce Deputy Secretary Bruce Andrews, in a written response to the auditors, agreed with the findings but said “resource constraints and shifting priorities” have hampered efforts to keep pace with changing cybersecurity requirements and to avoid schedule slippages.

“We are responding to these challenges by working to establish repeatable processes and resilient information architecture that together enable mission achievement," he added. 

NOAA is no stranger to network intrusions, like much of the federal government. Four agency websites were breached in fall 2014 by an Internet-based attack. 

Then, Rep. Frank Wolf, R-Va., said NOAA told him the incident was tied to the Chinese government. In 2013, a hacker stole national environmental satellite data from a contractor's PC

JPSS-1’s timely launch is critical to ensuring the agency's weather forecasts are accurate. NOAA’s current crop of joint polar-orbiting satellites are aging and have been running on borrowed time for years

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    View
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    View
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    View
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    View
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    View
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    View

When you download a report, your information may be shared with the underwriters of that document.