Hackers Target ALMA Observatory with Cyber Attack

In addition to providing critical services via satellite communications, space systems also are a valuable tool for scientific and research purposes and can be an attractive target for cyber criminals. This month, the Atacama Large Millimeter Array (ALMA) astronomical observatory in northern Chile reported a cyberattack that occurred on October 29th targeting their computer systems. ALMA is a powerful earth observation system that collects valuable data to support ongoing studies critical to natural sciences and astrobiology.

The attack forced the observatory to suspend some of its normal functions, most notably its astronomical observations. ALMA also noted that the attack has disrupted the functionality of its website and email servers. The observatory indicated that given the nature of the episode, it is not yet possible to estimate a timeframe for the return to regular activities. Thankfully, ALMA officials reported that the unspecified cyberattack did not compromise ALMA’s antennas or any of its scientific data. ALMA officials also reported that the threat was contained quickly, but efforts are still underway to regain full operational capabilities. According to ALMA, no threat actor, group, or organization has claimed responsibility for the attack.

While there is little known about the specifics of the cyberattack, nation state actors have shown a preponderance for targeting high value scientific and proprietary data supporting research efforts. Cyberattacks on research centers have been seen in recent years, as was the case with Spain’s leading scientific research center, which was targeted by a cyberattack earlier this year, as well as the University of California at San Francisco, who’s network fell victim to a ransomware attack, locking out their servers for an extended period of time.

Analysts note that this is not the first time hackers have targeted telescopes. In August 2022, hackers successfully emplaced malware into an image from the James Webb Space Telescope, as part of a broader hacking campaign. This particular hack involved a phishing email, a phony Microsoft Office attachment, and SMACS 0723, the first full-color image from the Webb Space Telescope, which was unveiled earlier this summer.

Space systems can play a critical role in scientific research, as many astronomy centers like ALMA capture valuable space-based data that can’t be replicated using other means of collection. The ALMA observatory was built with a $1.4 billion investment and is currently the most expensive terrestrial-based telescope in existence. Analysts note that this observatory is one of 5 active radio astronomy sites actively using ‘interferometry’, a technique that measures the time difference between light captured by multiple antennas to create imaging. ALMA has the broadest bandwidth out of the five observatories using this technology, analyzing signals from 31 GHz to 950 GHz. Adversaries looking to gain a competitive edge in space may find it advantageous to mute this large array of visibility. Disrupting the high frequency critical capabilities of the ALMA observatory may be a potential motivating factor for the cyberattack, as well as the multitude of investment from international partners from Canada, Japan, the European Union, South Korea, and Taiwan.

Read more from Space ISAC.