Who is behind this and what are the implications for astronomy?
Two giant optical infrared observatories belonging to the US National Science Foundation (NSF) were forced to stop their work due to suspicious activity in their computer systems. The cyberattack, discovered on August 1, affected the Gemini North telescope in Hawaii and Gemini South in Chile, as well as several smaller telescopes on Mount Cerro Tololo in Chile. According to NSF representatives, the decision to suspend the observatories was made “out of an abundance of caution”, and it is not yet known when they will work again.
The Gemini North and Gemini South telescopes are among the most powerful and advanced in the world. They have a mirror diameter of 8.1 meters and are able to observe distant objects in the infrared range. With their help, scientists study such phenomena as black holes, exoplanets, dark matter and dark energy. Every day of downtime of observatories costs science not only money, but also lost data. Astronomical research often requires precise synchronization of operations, so any disruptions can jeopardize entire scientific projects if enough critical observation windows are missed.
It is not yet clear what the purpose of the cyberattack was or where it came from. ” It's possible that the attacker doesn't even know they're attacking the observatory, " said Vaughn Welch, former head of the NSF Center for Cybersecurity Excellence. This is one of the first cases of ransomware infecting a research facility, but hacking astronomical observatories is nothing new. In October 2022, hackers gained access to the ALMA observatory in Chile via a VPN, forcing it to close for several months with losses of about 250 thousand dollars a day. It is assumed that this was an attempt to extort money from a consortium of observatory operators. Even earlier, in 2019, an unauthorized Raspberry Pi connected to NASA's Jet Propulsion Laboratory computers provided illegal access to the Deep Space Network, forcing the Johnson Center to disconnect its own mission systems from the gateway.
As the scientific infrastructure for studying the universe grows in size and complexity, and projects expand in scale, more money will have to be spent on protecting the information technology at its core, as attacks become more sophisticated. NOIRLab employees said they are working with cybersecurity experts to restore all affected telescopes and their website as soon as possible, and hope for a positive result.
Two giant optical infrared observatories belonging to the US National Science Foundation (NSF) were forced to stop their work due to suspicious activity in their computer systems. The cyberattack, discovered on August 1, affected the Gemini North telescope in Hawaii and Gemini South in Chile, as well as several smaller telescopes on Mount Cerro Tololo in Chile. According to NSF representatives, the decision to suspend the observatories was made “out of an abundance of caution”, and it is not yet known when they will work again.
The Gemini North and Gemini South telescopes are among the most powerful and advanced in the world. They have a mirror diameter of 8.1 meters and are able to observe distant objects in the infrared range. With their help, scientists study such phenomena as black holes, exoplanets, dark matter and dark energy. Every day of downtime of observatories costs science not only money, but also lost data. Astronomical research often requires precise synchronization of operations, so any disruptions can jeopardize entire scientific projects if enough critical observation windows are missed.
It is not yet clear what the purpose of the cyberattack was or where it came from. ” It's possible that the attacker doesn't even know they're attacking the observatory, " said Vaughn Welch, former head of the NSF Center for Cybersecurity Excellence. This is one of the first cases of ransomware infecting a research facility, but hacking astronomical observatories is nothing new. In October 2022, hackers gained access to the ALMA observatory in Chile via a VPN, forcing it to close for several months with losses of about 250 thousand dollars a day. It is assumed that this was an attempt to extort money from a consortium of observatory operators. Even earlier, in 2019, an unauthorized Raspberry Pi connected to NASA's Jet Propulsion Laboratory computers provided illegal access to the Deep Space Network, forcing the Johnson Center to disconnect its own mission systems from the gateway.
As the scientific infrastructure for studying the universe grows in size and complexity, and projects expand in scale, more money will have to be spent on protecting the information technology at its core, as attacks become more sophisticated. NOIRLab employees said they are working with cybersecurity experts to restore all affected telescopes and their website as soon as possible, and hope for a positive result.
