World's Most Expensive Observatory Floored by Cyber-Attack

Written by

The world-famous Atacama Large Millimeter Array (ALMA) observatory in Chile has become the latest unlikely victim of a cyber-attack, forcing it offline.

The facility, which also claims to house the world’s most powerful telescope for observing molecular gas and dust, revealed the incident on Twitter earlier this week.

It said the attack on its computer systems came last Saturday, “forcing the suspension of astronomical observations and the public website.”

At the time of writing, the official ALMA website was still down.

“There are limited email services at the observatory. The threat has been contained, and our specialists are working hard to restore affected systems. The attack did not compromise the ALMA antennas or any scientific data,” it explained.

“Given the nature of the episode, it is not yet possible to estimate a date for a return to regular activities. We are thankful for the support across the ALMA partnership and apologize for any inconveniences resulting from the recovery efforts.”

Kelvin Murray, senior threat researcher at OpenText Security Solutions, argued that space-related technology is increasingly a focus for threat actors.

“The cyber-attack on the ALMA radio telescope is a stark reminder that no matter the industry, cyber-defenses need to be regularly assessed and updated to ensure that hacks like these don’t happen,” he added.

“As digital equipment and software develops, the industry needs to keep cyber risk top of mind and continually assess the strength of its defenses. The consequence of the breach cannot be undermined.”

It remains to be seen what kind of attack the observatory suffered, although ransomware would be an obvious candidate given the facility was forced offline.

Chris Vaughan, VP of technical account management EMEA at Tanium, argued that ALMA was likely working with “very limited” IT budgets and staff.

“A high level of network visibility should be utilized as part of a zero-trust approach. This is where implicit trust is eliminated and the principle of ‘never trust, always verify’ is used,” he advised.

“This means that strong authentication methods, network segmentation and lateral movement prevention is key. If these practices are embedded within an organization’s culture along with effective staff training, then institutions like ALMA can carry on their fantastic work without costly interruptions caused by cyber-threats.”

ALMA is believed to have cost around $1.4bn to build.

What’s hot on Infosecurity Magazine?