The ALMA Observatory in Chile suspended observation operations after a cyber attack on October 29th. Comprised of 66 radio telescopes 12m in diameter arranged in two arrays, it is the world's most expensive ground telescope. As the ALMA Observatory is used by scientific teams across the world, the halt in operations will impact many ongoing operations. The observatory has aided in planetary formation studies, the Event Horizon project, and is used to observe molecular gas and dust.
With limited staff resources and IT budgets, the attack on the observatory's computer systems was another example of a public sector institution being targeted. Observatory staff informed the public that the attack did not compromise any scientific data or the ALMA antennas. Given the nature of the episode, staff were unable to provide an estimated date for a return to normal operations.
Chris Vaughan, Tanium, shared his thoughts on the news:
“ALMA is the world's most powerful telescope for observing molecular gas and dust, so seeing its operations halted due to a cyber attack is concerning. It’s another unfortunate example of a public sector institution being targeted which is likely working with very limited IT budgets and staff resources.
Despite these constraints, there is plenty that organizations like ALMA can do to thwart attacks and keep data secure. One of the critical focus areas should be gaining full visibility of the network. Many organizations operating in the age of mass remote working aren’t able to see all the devices connecting to their IT environment and which ones are vulnerable in some way. By having this visibility and ability to fix any weak points, attacks can often be repelled or if one does get through defenses then the impact can be minimized.
A high level of visibility should be utilized as part of a zero trust approach. This is where implicit trust is eliminated and the principle of ‘never trust, always verify’ is used. This means that strong authentication methods, network segmentation and lateral movement prevention is key. If these practices are embedded within an organization’s culture along with effective staff training then institutions like ALMA can carry on their fantastic work without costly interruptions caused by cyber threats."