ESA calls cops as crims lift off 500 GB of files, say security black hole still open

Why isn't this sort of data in an air-gapped/closed network?

"ESA calls cops"

Sorry guys, but the police are not going to be of any aid on this issue.

What they know is biometric forensics, how to shake down an "informant" (aka, criminal left loose because his info is worth more than throwing him into jail), or how to block roads so that "important" people can drive through unmolested by ignorant "citizens", aka the very people they are supposed to be working for (hey, you were elected, right ? You weren't elected to play king, you were elected to serve).

What needs to be done is double the IT budget, hire sombody who actually knows something about securing networks, and getting on with business.

Priorities

Having sat in an ESA meeting room on a very hot day when said building didn’t appear even to be fitted with aircon, I can understand if they are short handed in the cyber area, even if they can send all sorts of kit into very challenging environments. Remember they have to go cap in hand to the ministers of ESA nations every few years, so you can imagine the internal conversations.

Another stunning success for the EU and its ambitions for world domination!

Cue press releases saying:

'We take security seriously'

'Lessons will be learned'

"the stolen files allegedly include sensitive information about various space programs and ESA missions such as Greece's national space program, ESA's Next Generation Gravity Mission, its FORUM (Far-infrared Outgoing Radiation Understanding and Monitoring) Earth Explorer Mission, and TRUTHS (Traceable Radiometry Underpinning Terrestrial- and Helio-Studies)."

Information so sensitive they didn't bother to secure it!

ESA

Extremely Security Amateurish

ridiculous.

this group shinyhunters or scattered lapsus hunters seems to be unstoppable. these guys keep pulling off consistent high impact supply chain attacks lol what if they are secretly state sponsored gone rogue/criminal?

ESA is a big organization. Space agency. Very sophisticated. Very impressive. But they had a problem. A serious problem.

In December, someone got in. A hacker. A bad actor. He didn’t go into the main systems, they say. He went into the smaller servers. The external ones. The ones people don’t worry about enough.

He looked around and said, “Wow. This is easy.”

And he took data. A lot of data. Code, documents, credentials. Huge amounts. Then he went online and told everyone about it. Very unprofessional. Very disrespectful.

ESA said it was limited. They said critical systems were not affected. And maybe that’s true. But if someone gets inside, you already have a problem. I don’t care if it’s the garage or the kitchen. If they’re inside, you failed.

Then January comes. After the holidays. Nice holidays, by the way. And someone says, “Wait a second. Let’s check this again.”

They check again.

And they realize it’s more serious than they thought.

Now you have investigators. You have law enforcement. You have experts going through logs, systems, emails. Very serious people. Very serious faces. Because now it’s not a small issue anymore.

People ask me, “Were the satellites hacked?”

No. No satellites. Nothing exploded. Nothing fell out of the sky. Space is fine.

But here’s the thing. If they got data, they got leverage. And leverage means power. And power in the wrong hands is not good. Not good at all.

This happened because someone, somewhere, said, “This system is not important.” That’s always the mistake. Hackers don’t attack what’s strongest. They attack what’s weakest. Every single time.

Two incidents. December and January. Embarrassing. Fixable. But it should never have happened.

Security has to be strong. If you’re weak, they get in.

"Drink from the Firehose, Timmy!"

I doubt some startup company is going to slog through 500GB of confidential/proprietary data and use that 'advantage' to do space-related things faster, cheaper, and better.