A 20-year-old Bachelor of Computer Applications (BCA) student from Chennai has made headlines for ethically hacking into the email system of the National Aeronautics and Space Administration (NASA). Impressed by his skills, NASA has sent him an appreciation letter.

"While exploring NASA's website, I found a way to access their server. This allowed anyone to connect to NASA's server. I was able to send emails as if they were from NASA, without any password," said Magashwarahan, a student at the Hindustan Institute of Technology and Science.

The email system that Magashwarahan hacked was being used by one of NASA's divisions. Despite gaining unauthorized access, he responsibly disclosed the vulnerability to NASA through the Bugcrowd platform, adhering to their Vulnerability Disclosure Policy (VDP).

"On behalf of NASA, we would like to acknowledge your efforts in identifying the vulnerability and following NASA's VDP policy and guidelines," responded Mike Witt, Senior Information Security Officer at NASA. Magashwarahan received this response on September 18th.

"Your report has helped raise awareness of unknown vulnerabilities within NASA. It has helped us protect NASA's information. Please accept this letter as a token of our appreciation for your efforts," Witt added.

Under NASA's Vulnerability Disclosure Policy (VDP), Magashwarahan's discovery was classified as a high-medium bug. Prompt action was taken to fix the bug and secure the server.

Commenting on this achievement, Asokan, Dean of Aerospace Engineering at the Hindustan Institute of Technology and Science, said, "VDP is NASA's challenge to improve security measures. Receiving a letter of appreciation from NASA is a rare achievement."

Previously, Magashwarahan was commended by the United Nations for identifying and reporting a security flaw in a key UN business data and personal information repository.