Branchoria UFO Hackers UFO Hackers

The hacking cases, UFO claims, court battles, and evidence gaps behind a modern myth.

Within NASA Target

Why NASA Networks Look So Tempting

NASA's web of centres, contractors and research partners can make its systems attractive for hackers even without UFO mythology.

On this page

  • Centres, contractors and partner systems
  • Older remote access and weak security points
  • Why mundane cyber risk feeds dramatic stories
Preview for Why NASA Networks Look So Tempting

Introduction

In stories about UFO hackers such as Gary McKinnon, NASA is often portrayed as a single vault containing hidden secrets. In practice, one reason NASA has attracted intruders is far more mundane: it operates through a vast network of centres, laboratories, contractors, universities, mission partners and external researchers. That interconnected environment creates a large cyber attack surface. For a hacker searching for UFO evidence, classified technology or simply a way into a prestigious organisation, contractor and partner networks can appear more accessible than NASA’s core systems. The result is that ordinary cybersecurity weaknesses sometimes become entangled with extraordinary claims. Rather than proving hidden UFO programmes, many documented security concerns reveal the challenges of defending a sprawling scientific and engineering ecosystem. NASA Office of Inspector General+2NASA Office of Inspector General [oig.nasa.gov]oig.nasa.govOffice of Inspector General Cybersecurity Management and Oversight at the JetNASA Office of Inspector GeneralCybersecurity Management and Oversight at the Jet…June 17, 2019 — 18 Jun 2019 — This shortcoming enabl…Published: June 17, 2019

Attack Surface illustration 1

Why NASA Networks Look So Tempting

Centres, contractors and partner systems

NASA is not a single computer network. The agency relies on multiple field centres, research facilities, private aerospace contractors, academic institutions and international collaborators. Space missions routinely involve data sharing, remote access arrangements and technical cooperation across organisational boundaries. Every connection that allows scientists and engineers to work together can also become a potential security concern if not properly managed. [NASA Office of Inspector General]oig.nasa.govOffice of Inspector General Cybersecurity Management and Oversight at the JetNASA Office of Inspector GeneralCybersecurity Management and Oversight at the Jet…June 17, 2019 — 18 Jun 2019 — This shortcoming enabl…Published: June 17, 2019

The scale of this ecosystem has repeatedly appeared in government audits. NASA’s Office of Inspector General (OIG) has highlighted challenges involving partner access, interconnection agreements and visibility into devices connected to agency networks. A 2019 audit of the Jet Propulsion Laboratory (JPL), a federally funded research centre managed by the California Institute of Technology for NASA, found weaknesses in network segmentation and partner access controls. Investigators reported that a compromised external user system enabled unauthorised access into part of JPL’s mission network. The audit also found shortcomings in documenting security requirements for connected partner systems. [NASA Office of Inspector General]oig.nasa.govOffice of Inspector General Cybersecurity Management and Oversight at the JetNASA Office of Inspector GeneralCybersecurity Management and Oversight at the Jet…June 17, 2019 — 18 Jun 2019 — This shortcoming enabl…Published: June 17, 2019

From a hacker’s perspective, this complexity matters. An attacker does not necessarily need to target the most heavily protected NASA system directly. They may instead look for weaker points among contractors, research collaborators or externally connected systems. This is a common pattern across large organisations and is not unique to NASA, but NASA’s scientific prestige and extensive partnerships make it a particularly attractive target. [NASA Office of Inspector General]oig.nasa.govOffice of Inspector General Cybersecurity Management and Oversight at the JetNASA Office of Inspector GeneralCybersecurity Management and Oversight at the Jet…June 17, 2019 — 18 Jun 2019 — This shortcoming enabl…Published: June 17, 2019

The Man Who Hacked the U.S. Government

Channel: Newsthink · Views: 816.8K · Uploaded: March 2024 · Length: 18 minutes

Open on YouTube

Older remote access and weak security points

The McKinnon era illustrates how technological realities can shape later mythology. During the early 2000s, many organisations relied on remote administration tools and security practices that would now be considered inadequate. Public accounts of the McKinnon case frequently describe him finding vulnerable systems that used weak passwords or poorly secured remote-access software. The United States indictment alleged that he gained unauthorised access to numerous military and NASA systems between 2001 and 2002. [Wikipedia]WikipediaGary Mc KinnonGary Mc Kinnon

Discussions among cybersecurity practitioners often point to exposed remote-control services and weak authentication practices as key factors behind many successful intrusions of that period. While online commentary should not be treated as definitive evidence, it reflects a broader historical reality: organisations across government and industry were still adapting to the security demands of an increasingly connected internet. [Reddit]reddit.comHow Gary Mckinnon did what he did?: r/hacking18 votes, 27 comments. I know these guys are super rare, and also security was not t…

NASA’s own oversight reports show that cyber risk did not disappear after the McKinnon case. Audits and congressional testimony have documented recurring concerns involving network visibility, device management, legacy systems and the challenge of securing highly specialised technical environments. NASA’s OIG has repeatedly noted that ageing infrastructure and complex mission requirements can complicate cybersecurity improvements, while more recent reviews of NASA’s move toward a “zero trust” security model continue to identify challenges linked to legacy systems. NASA Office of Inspector General+2NASA Office of Inspector General [oig.nasa.gov]oig.nasa.govNASA Office of Inspector GeneralIG-25-004 - Audit of NASA's Zero Trust ArchitectureMarch 26, 2025 — 27 Mar 2025 — We assessed NASA's ZTA…Published: March 26, 2025

A striking example emerged from JPL in 2018, when attackers reportedly used an unauthorised device connected to the network to gain access and steal data relating to Mars missions. The incident highlighted how even a highly advanced research organisation can be affected by relatively ordinary cybersecurity failures involving network management and device oversight. [The Stack]thestack.technologyThe Stack NASA warned on IT security over insider threat riskThe StackNASA warned on IT security over insider threat risk - The StackMarch 28, 2022 — 28 Mar 2022 — The OIG's NASA insider threat warn…Published: March 28, 2022

Attack Surface illustration 2

Why Mundane Cyber Risk Feeds Dramatic Stories

The existence of genuine security weaknesses can unintentionally strengthen conspiracy narratives. When people hear that NASA networks have been breached, that contractors connect to agency systems, or that oversight reports have identified cybersecurity problems, it becomes easier for some observers to imagine that hidden UFO files might also be vulnerable.

However, there is an important distinction between access and evidence. Official reports document cybersecurity incidents, insecure connections and weaknesses in network management. They do not document the discovery of extraterrestrial spacecraft, secret alien archives or verified UFO cover-ups. The fact that a system can be accessed unlawfully does not establish what information is stored on it. NASA Office of Inspector General+2NASA Office of Inspector General [oig.nasa.gov]oig.nasa.govOffice of Inspector General Cybersecurity Management and Oversight at the JetNASA Office of Inspector GeneralCybersecurity Management and Oversight at the Jet…June 17, 2019 — 18 Jun 2019 — This shortcoming enabl…Published: June 17, 2019

The McKinnon story demonstrates this tension. His account became famous because it combined two independently believable elements: NASA really was a target of cyber intrusions, and NASA really did operate complex networks involving many connected organisations. Yet the leap from those realities to claims of hidden UFO evidence remains unsupported by publicly verifiable records. What the documented record shows most clearly is not a secret alien archive, but the persistent difficulty of defending a large, interconnected scientific enterprise against intrusion attempts. [Wikipedia+2Cybereason]WikipediaGary Mc KinnonGary Mc Kinnon

Ancient Aliens: Hacking NASA Secrets (Season 12, Episode 9) | History

Channel: HISTORY · Views: 1.6M · Uploaded: September 2018 · Length: 4 minutes 54 seconds

Open on YouTube

UK hacker to learn extradition fate

Channel: Al Jazeera English · Views: 20.8K · Uploaded: October 2012 · Length: 2 minutes 6 seconds

Open on YouTube

The Real Lesson of the Contractor Network Question

For readers interested in UFO hackers, the most useful takeaway is that NASA’s attractiveness as a target does not depend on UFO mythology. The agency combines valuable research, advanced technology, international partnerships, specialised contractors and decades of accumulated infrastructure. Those characteristics alone make it a high-value target for curiosity-driven hackers, criminals and state-linked actors alike. Congressional testimony and oversight reviews have repeatedly described NASA as facing a broad range of cyber threats, from opportunistic intruders to sophisticated adversaries. [nsarchive.gwu.edu+2GovInfo]nsarchive.gwu.eduNAS A Cybersecurity: An Examination of the Agency'sNASA Cybersecurity: An Examination of the Agency's…September 5, 2017 — by PK Martin · 2012 · Cited by 33 — In 2010 and 2011, NASA repo…Published: September 5, 2017

Seen through that lens, contractor networks are important not because they prove hidden UFO programmes exist, but because they illustrate how large technical organisations can become vulnerable through the very collaborations that make ambitious space exploration possible. The attack surface created by centres, contractors and partner systems helps explain why NASA appears so often in hacking stories—even when the reality behind those stories is far more ordinary than the legends that later grow around them. NASA Office of Inspector General+2NASA Office of Inspector General [oig.nasa.gov]oig.nasa.govOffice of Inspector General Cybersecurity Management and Oversight at the JetNASA Office of Inspector GeneralCybersecurity Management and Oversight at the Jet…June 17, 2019 — 18 Jun 2019 — This shortcoming enabl…Published: June 17, 2019

Attack Surface illustration 3

Amazon book picks

Further Reading

Books and field guides related to Why NASA Networks Look So Tempting. Use these as the next step if you want deeper reading beyond the article.

Browse more on Amazon: The Cuckoo's Egg Ghost in the Wires Sandworm

As an Amazon Associate I earn from qualifying purchases.

eBay marketplace picks

Marketplace Samples

Example marketplace items related to this page. Use the search link to explore similar finds on eBay.

Using USA
Browse more on eBay.co.uk

Example items shown for inspiration; availability and pricing can change. Branchoria may earn a commission if you purchase through outbound eBay links.

Endnotes

  1. Source: oig.nasa.gov
    Title: Office of Inspector General Cybersecurity Management and Oversight at the Jet
    Link: https://oig.nasa.gov/docs/IG-19-022.pdf
    Source snippet

    NASA Office of Inspector GeneralCybersecurity Management and Oversight at the Jet...June 17, 2019 — 18 Jun 2019 — This shortcoming enabl...

    Published: June 17, 2019

  2. Source: oig.nasa.gov
    Link: https://oig.nasa.gov/docs/IG-21-019.pdf
    Source snippet

    NASA Office of Inspector GeneralNASA's Cybersecurity Readiness18 May 2021 — To report, fraud, waste, abuse, or mismanagement, contact the...

    Published: May 2021

  3. Source: govinfo.gov
    Title: CHRG 116hhrg41348
    Link: https://www.govinfo.gov/content/pkg/CHRG-116hhrg41348/pdf/CHRG-116hhrg41348.pdf
    Source snippet

    Past data breaches and system intrusions at NASA and its facilities have resulted in large amounts of stolen data...

  4. Source: Wikipedia
    Title: Gary [Mc Kinnon]({{ ‘mc-kinnon/’ | relative_url }})
    Link: https://en.wikipedia.org/wiki/Gary_McKinnon

  5. Source: reddit.com
    Link: https://www.reddit.com/r/hacking/comments/1etqs6b/how_gary_mckinnon_did_what_he_did/
    Source snippet

    How Gary Mckinnon did what he did?: r/hacking18 votes, 27 comments. I know these guys are super rare, and also security was not t...

  6. Source: oig.nasa.gov
    Link: https://oig.nasa.gov/docs/testimony062403.pdf
    Source snippet

    NASA Office of Inspector GeneralCyber SecurityMy statement focuses on three areas: • Key information technology (IT) security challenges...

  7. Source: oig.nasa.gov
    Link: https://oig.nasa.gov/wp-content/uploads/2025/03/final-report-ig-25-004-audit-of-nasas-zero-trust-architecture.pdf?emrc=681ec2a715325
    Source snippet

    NASA Office of Inspector GeneralIG-25-004 - Audit of NASA's Zero Trust ArchitectureMarch 26, 2025 — 27 Mar 2025 — We assessed NASA's ZTA...

    Published: March 26, 2025

  8. Source: cybereason.com
    Link: https://www.cybereason.com/blog/malicious-life-podcast-the-u.s-vs.-gary-mckinnon
    Source snippet

    Malicious Life Podcast: The U.S. vs. Gary McKinnonGary McKinnon, a British hacker with Asperger's, broke into NASA and U.S. Arm...

  9. Source: nsarchive.gwu.edu
    Title: NAS A Cybersecurity: An Examination of the Agency’s
    Link: https://nsarchive.gwu.edu/sites/default/files/documents/3986435/United-States-Congress-Statement-of-Paul-K.pdf
    Source snippet

    NASA Cybersecurity: An Examination of the Agency's...September 5, 2017 — by PK Martin · 2012 · Cited by 33 — In 2010 and 2011, NASA repo...

    Published: September 5, 2017

  10. Source: oig.nasa.gov
    Link: https://oig.nasa.gov/audits/
    Source snippet

    Reports - NASA OIGThe Office of Audits conducts independent and objective audits, reviews, and other examinations to improve economy, eff...

  11. Source: oig.nasa.gov
    Title: 2024 report on nasas top management and performance challenges
    Link: https://oig.nasa.gov/wp-content/uploads/2024/11/2024-report-on-nasas-top-management-and-performance-challenges.pdf
    Source snippet

    NASA OIG Hotline at 800-424-9183 or. 800-535-8134 (TDD) or visit [https://oig.nasa.gov/hotline.html](https://oig.nasa.gov/hotline.html). You can also write to NASA Inspector...

  12. Source: oversight.gov
    Title: NAS A OIG Semiannual Report
    Link: https://www.oversight.gov/sites/default/files/documents/reports/2025-05/sar-2025-spring.pdf
    Source snippet

    NASA OIG Semiannual Report - Spring 202531 May 2025 — NASA's Office of Inspector General (OIG) is committed to providing independent, obj...

    Published: May 2025

  13. Source: aerospace.org
    Link: https://aerospace.org/sites/default/files/2022-07/DistroA-TOR-2021-01333-Cybersecurity%20Protections%20for%20Spacecraft-A%20Threat%20Based%20Approach.pdf
    Source snippet

    Establishes Agency-level protection requirements to ensure NASA missions are resilient to threats and is applicable to all NASA programs...

  14. Source: thestack.technology
    Title: The Stack NASA warned on IT security over insider threat risk
    Link: https://www.thestack.technology/nasa-insider-threat-oi/
    Source snippet

    The StackNASA warned on IT security over insider threat risk - The StackMarch 28, 2022 — 28 Mar 2022 — The OIG's NASA insider threat warn...

    Published: March 28, 2022

Additional References

  1. Source: podmust.com
    Link: https://podmust.com/ep/?epis=R2FyeSBNY0tpbm5vbjogVGhlIEhhY2tlciBXaG8gRm91bmQgTkFTQSdzIFVGTyAmIE5vbi1UZXJyZXN0cmlhbCBPZmZpY2Vycw%3D%3D&podcast=the-daily-conspiracy
    Source snippet

    Gary McKinnon: The Hacker Who Found NASA's UFO &...Podcast episode from The Daily Conspiracy Podcast: Gary McKinnon: The Hacker Who Foun...

  2. Source: meritalk.com
    Title: unauthorized device access leaving nasa systems vulnerable agency ig says
    Link: https://www.meritalk.com/articles/unauthorized-device-access-leaving-nasa-systems-vulnerable-agency-ig-says/
    Source snippet

    Unauthorized Device Access Leaving NASA Systems...28 Aug 2020 — According to a new report by NASA's Office of Inspector General (OIG), N...

  3. Source: linkedin.com
    Title: nasas network security breaches brief history michael benis
    Link: https://www.linkedin.com/pulse/nasas-network-security-breaches-brief-history-michael-benis
    Source snippet

    NASA's Network Security Breaches: A Brief HistoryIn 2008, BusinessWeek reported on a series of cyber attacks against NASA's computer netw...

  4. Source: cigionline.org
    Title: the ungoverned space of us space cyber governance
    Link: https://www.cigionline.org/articles/the-ungoverned-space-of-us-space-cyber-governance/
    Source snippet

    The Ungoverned Space of US Space-Cyber Governance29 Jan 2023 — An essay series that explores space governance through three themes: space...

  5. Source: drops.dagstuhl.de
    Title: de Protecting Space Systems from Cyber Threats
    Link: https://drops.dagstuhl.de/storage/04dagstuhl-reports/volume15/issue03/25101/DagRep.15.3.1/DagRep.15.3.1.pdf
    Source snippet

    Space Systems from Cyber Threats - DROPSby A Abbasi · 2025 · Cited by 1 — This talk provides an overview of NASA STD-1006A (NASA's space...

  6. Source: industrialcyber.co
    Link: https://industrialcyber.co/threats-attacks/nasa-releases-space-security-best-practices-guide-for-mission-cybersecurity-in-interconnected-space/
    Source snippet

    January 03, 2024. NASA releases Space...Read more...

    Published: January 3, 2024

  7. Source: open.spotify.com
    Link: https://open.spotify.com/episode/2LZGAMH9z5B6QMncEu9sCD
    Source snippet

    Grusch & NASA Hacker Gary McKinnon: The Alien...11 Aug 2025 — of British hacker Gary McKinnon, who claims to have breached NASA and U.S...

  8. Source: gao.gov
    Title: gao 24 106624
    Link: https://www.gao.gov/products/gao-24-106624
    Source snippet

    NASA Cybersecurity: Plan Needed to Update Spacecraft...1 May 2024 — GAO recommends NASA develop a plan with time frames to update its sp...

    Published: May 2024

  9. Source: theguardian.com
    Link: https://www.theguardian.com/theguardian/2005/jul/09/weekend7.weekend2
    Source snippet

    Game over | Gary McKinnon9 Jul 2005 — Gary McKinnon has been accused of committing the 'biggest military computer hack of all time', and...

  10. Source: youtube.com
    Title: NASA, a GREYCORTEX Video Case Study
    Link: https://www.youtube.com/watch?v=OqFNajdVXvI
    Source snippet

    He Hacked NASA & The Pentagon at 15. By 24, He took his life. (The Full Story)...

Topic Tree

Follow this branch

Parent topic

NASA Target Why UFO Hackers Keep Looking at NASA

Related pages 5