recommended reading

Audit Finds 'Hostile Probes,' Breaches of Weather Satellite System

A satellite image of the United States taken with NASA satellites and NOAA's Joint Polar Satellite System.

A satellite image of the United States taken with NASA satellites and NOAA's Joint Polar Satellite System. // NASA/NOAA

Updated: This story was updated with comment from a NOAA spokesman. 

The nation's weather satellite program over the course of a year suffered 10 data security incidents, including unauthorized access and probes by adversaries, according to a congressional auditor.

The $11.3 billion Joint Polar Satellite System is set to launch the program’s first next-gen spacecraft, the JPSS-1, in March 2017.

But the ground stations that handle satellite communications and data processing "remain at high risk of compromise," David Powner, the Government Accountability Office's director of IT management issues, said in a new report. 

The satellite program, which is run by the National Oceanic and Atmospheric Administration, feeds prediction models and aids weather forecasters on the ground.

"NOAA has experienced several recent information security incidents regarding unauthorized access to Web servers and computers," Powner said in the audit, released Tuesday. The six episodes now considered closed matters "involved hostile probes, improper usage, unauthorized access, password sharing, and other IT-related security concerns."

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

On Wednesday, NOAA declined to provide more information due to national security.

"While NOAA cannot publicly comment on these specific incidents, due to reasons related to national security, all cyber security threats are taken seriously and addressed quickly. NOAA remains committed to maintaining the highest possible level of information security," agency spokesman John Leslie said in an emailed statement to Nextgov.

The Government Accountability Office had directed Nextgov to the agency for specifics, because of the sensitivity of the issue.

According to the audit, there is a discrepancy between the program office and agency incident response team over how many of the 10 cases have been handled fully. 

Two of the four incidents the JPSS program office recommended be closed remain open. The NOAA incident response team ultimately is responsible for acting on the recommendation, according to the program office. 

"Until NOAA and the JPSS program have a consistent understanding of the status of incidents, there is an increased risk that key vulnerabilities will not be identified or properly addressed," as well as "tracked to closure,” Powner said.

Agency officials told Powner work is underway on a new tool to improve the uniformity and timeliness of incident tracking.

The ground system is highly susceptible to compromise because, among other things, the agency has not executed nearly half of the recommended standard security controls and has not patched key vulnerabilities, the audit states.

As of August 2015, there were 1,400 critical and high-risk vulnerabilities that included outdated software, an obsolete Web server and old antivirus definitions. NOAA, which is part of the Commerce Department, is not scheduled to finish fixing the security holes until August of this year and January 2017.

By that time, the vulnerabilities will have been open to potential attack for between 17 and 22 months longer than required by the government, according to the audit.

Commerce Deputy Secretary Bruce Andrews, in a written response to the auditors, agreed with the findings but said “resource constraints and shifting priorities” have hampered efforts to keep pace with changing cybersecurity requirements and to avoid schedule slippages.

“We are responding to these challenges by working to establish repeatable processes and resilient information architecture that together enable mission achievement," he added. 

NOAA is no stranger to network intrusions, like much of the federal government. Four agency websites were breached in fall 2014 by an Internet-based attack. 

Then, Rep. Frank Wolf, R-Va., said NOAA told him the incident was tied to the Chinese government. In 2013, a hacker stole national environmental satellite data from a contractor's PC

JPSS-1’s timely launch is critical to ensuring the agency's weather forecasts are accurate. NOAA’s current crop of joint polar-orbiting satellites are aging and have been running on borrowed time for years

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.