A user by the social media handle “7h3h4ckv157” has claimed to have successfully (and ethically) hack into NASA. The article states that this was not the first time this user has performed a breach into NASA’s systems. By thoroughly and responsibly reporting the flaws to NASA, they received a significant letter of appreciation from the Senior Agency Information Security Officer. The outlet that allows people to try and report issues with security are programs such as the “Vulnerability Disclosure Programs” or known as “VDP”. These programs allow organizations like NASA to refine their security procedures, hardware, software and practices.
By allowing the community outside of NASA to try and break into their systems in an ethical manner is an extremely effective program that I believe other companies also like to incorporate. Having other hackers expose systems brings fresh approaches into how organizations like NASA should be looking into how it handles its cyber security. By promoting and rewarding ethical hacking is certainly a positive action for these organizations as signaling that collaboration with independent security researchers is vital to address them before malicious attempts are performed. Unfortunately, NASA nor the user specified how and what exactly was able to be hack (definitely purposely). Through more research I see that many other large companies such as Google, Apple and IBM participate in similar programs. Instead of a letter, a majority of these companies will actually reach out and hire these individuals as a reward.