Huge cyberattack disables telescopes in Hawaii and Chile

National Science Foundation-funded telescopes in Chile and Hawaii have been the victim of a curious cyberattack, ceasing operations at many of them.
Christopher McFadden
Telescopes in Hawaii
Telescopes in Hawaii

Paxton Tomko / Unsplash  

A major cyberattack has shut down remote connections to prominent National Science Foundation (NSF) space telescopes worldwide, Science reports. Ten telescopes have been impacted for over two weeks now, with on-site operatives able to keep some operational, albeit less efficiently. The shutdowns are causing chaos in the astronomy sphere, with many essential windows of opportunity being missed for space observations. While incredibly frustrating for researchers relying on the telescopes, experts are still none the wiser about why the telescopes were targeted.

"NOIRLab is continuing its efforts to diligently investigate and resolve the 1 August cybersecurity incident that occurred in its computer systems. This incident resulted in the temporary shutdown of Gemini North and South telescopes and some of the smaller telescopes on Cerro Tololo in Chile," explained NOIRLab (the NSF-run coordinating center for ground-based astronomy) in a press release update.

"The telescopes on Kitt Peak in Arizona are unaffected. The website is also currently offline. Our staff are working with cybersecurity experts to get all the impacted telescopes and our website back online as soon as possible and are encouraged by the progress made thus far," they added.

Cyberattack causes chaos

Due to the ongoing shutdown, research teams are collaborating to find alternatives as crucial observation windows become unattainable. As remote control of many telescopes is no longer available, some groups may now have to send graduate students to places in Chile to relieve exhausted on-site staff who have spent the past two weeks directly operating instruments, explains Science.

“We’re all in this together,” explained Gautham Narayan, an astronomer at the University of Illinois Urbana-Champaign whose team is trying to save its chance to observe new supernovas using one of the affected Chilean telescopes. "[The astronomy community has a] grim determination to press on despite the trying circumstances,” he added. 

On the 1st of August, 2023, NOIRLab announced that its Gemini North telescope in Hilo, Hawaii, was hit by a cyberattack. In response to the incident, NOIRLab shut down operations at the International Gemini Observatory, home to the Hilo telescope and its twin, Gemini South, located on Cerro Pachón mountain in Chile. Thankfully, the latter was already offline for a planned outage.

NOIRLab has also disconnected its computer network from the Mid-Scale Observatories (MSO) network on Cerro Tololo and Cerro Pachón in Chile. This made remote observations impossible at various telescopes, including the Víctor M. Blanco 4-meter and SOAR telescopes. As a result, NOIRLab has stopped observations at eight other affiliated telescopes in Chile.

Motive unknown

NOIRLab has not released any further information about the incident, even to its employees. Cybersecurity experts are puzzled as to why the attacker targeted Gemini North. Von Welch, retired lead of the NSF Cybersecurity Center of Excellence, suggests that the attacker may not even realize they are attacking an observatory.

Astronomers are motivated to enhance cybersecurity practices to secure their facilities despite the lack of information on how the Gemini North and NOIRLab systems were compromised. Narayan suggested the entire astronomical community rethink how it manages identity and access software and consider the damage that something as simple as a lost password can cause.

“It doesn’t help if you build the strongest, most impenetrable fortress in the world if you forget to lock even a single door or window,” says Patrick Lin, who leads an NSF-funded space cybersecurity grant at California Polytechnic State University. “The weakest link is often with us, the humans," he added.

Add Interesting Engineering to your Google News feed.
Add Interesting Engineering to your Google News feed.
message circleSHOW COMMENT (1)chevron
Job Board