Hackers Target Telescopes, Forcing Them to Pause Operations

Two major telescopes in Hawaii and Chile and a handful of smaller observatories have been offline for weeks following an apparent cyberattack

Two telescopes in the night
Gemini South on the summit of Cerro Pachón in Chile (left) and Gemini North on the summit of Maunakea in Hawai’i (right). Gemini / NSF / AURA

Hackers have launched an apparent cyberattack on the computer systems of major space telescopes in both Chile and Hawaii, prompting them to temporarily shut down, according to a statement from the National Science Foundation’s National Optical-Infrared Astronomy Research Laboratory (NOIRLab).

On August 1, NOIRLab officials detected a “cyber incident,” the astronomy center wrote. “Quick reactions by the NOIRLab cyber security team and observing teams prevented damage to the observatory.”

Still, the laboratory suspended operations on its International Gemini Observatory telescopes and a handful of smaller telescopes as a precaution. NOIRLab also took the Gemini website, gemini.edu, offline. Observatories stationed on Kitt Peak in Arizona were unaffected, per the lab. 

“Like the entire astronomy community, we are disappointed that some of our telescopes are not currently observing,” NOIRLab said in an update on August 24. “Fortunately, we have been able to keep some telescopes online and collect data with in-person workarounds.” 

The International Gemini Observatory consists of twin 8.1-meter diameter telescopes called Gemini North and Gemini South, located atop mountains in Hawaii and Chile, respectively. Together, the two telescopes can access nearly the entire sky. The pair of telescopes has helped astronomers view an array of celestial events, including the births of supernovae. In 2022, researchers using Gemini North made observations of the closest-known black hole to Earth. Astronomers have also used the telescopes to discover that stars with planets have less lithium than those without.

The nature of the attacks is still a mystery, and NOIRLab has remained tight-lipped about the incident, even to its staff, report Celina Zhao and Tanvi Dutta Gupta for Science. But the shutdown has been disruptive to scientists who rely on the telescopes for research projects.

“When people are like, ‘Oh, where’s the data?’ Then I’ll have to say, ‘Well, I don’t have any data, because a hacker somewhere took down the computer,’” Luis Welbanks, an astronomy researcher at Arizona State University, tells Science. “I don’t know if any hiring committee will be sympathetic to that.” 

Welbanks tells the publication that astronomers already have to contend with unforeseen events like weather and power outages. “We’re lucky enough to make it through a regular night,” he says to Science. “But now we have to consider the cybersecurity implications.”

Roughly two weeks after the incident with NOIRLab telescopes, the United States National Counterintelligence and Security Center released a bulletin about the threat of cyberattacks to American space companies and research groups, reports Space.com’s Brett Tingley.

Intelligence agencies in other countries “recognize the importance of the commercial space industry to the U.S. economy and national security, including the growing dependence of critical infrastructure on space-based assets,” per the bulletin.

In recent years, hackers have attacked other space observatories and agencies. In 2022, the Atacama Large Millimeter Array (ALMA) Observatory in Chile was hit with a ransomware attack that forced it offline for nearly two months. Ransomware attacks hold a victim’s data hostage in exchange for payment. In 2020, NASA was one agency targeted in a wider espionage campaign aimed at the U.S. government. 

Research institutions face unique security challenges because of their open and collaborative nature, per Science. But observatory staff have been “working around the clock to get the telescopes back into the sky,” a NOIRLab spokesperson tells the publication.

Get the latest stories in your inbox every weekday.