Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

For hackers, space is the final frontier

Friday, August 6, 2021

Categories: ASCF News Cyber Security

Comments: 0

Source: https://www.vox.com/recode/22598437/spacex-hackers-cyberattack-space-force

The Space Force, a military branch created during the Trump administration, is in charge of running and protecting military satellites. Samuel Corum/Getty Images

From offering joyrides for the ultra-rich to beaming the internet down to Earth, private space companies are very much open for business.

But some cybersecurity experts say this emerging industry is a giant target for hackers. Amid the surge in commercial rocket launches and a recent spike in ransomware attacks, cyberattacks aimed at space systems could disrupt internet access, interfere with the Global Positioning Satellite (GPS) system, and even turn satellites into weapons.

“We should be worried about that if we’re worried about people hacking into our navigation systems. We should be worried about that if we care about our electric grid staying online,” Gregory Falco, a civil engineering professor at Johns Hopkins University, told Recode. “These space systems enable all of this other critical infrastructure that we have, and we don’t even realize it.”

The United States is not currently facing a large proliferation of cyber attacks in space, but satellites have been hacked in the past. For instance, two American satellites used by the US Geological Survey and NASA to monitor climate and terrain were broken into four times over the course of 2007 and 2008. Intrusions and physical attacks on satellites, their connection systems, and the stations on Earth that control them have increased in recent years “probably due to the advancement of the tech being used and the space race,” according to Maher Yamout, a senior security researcher at the Russia-based cybersecurity company Kaspersky.

Back in April, the head of the Space Development Agency, which is a branch of the Department of Defense meant to boost the military’s space capabilities, warned that cyber attacks against satellites posed more of a threat than missiles. The Space Force, which is in charge of overseeing the military’s satellites and GPS, is also boosting its cybersecurity investments. The military is now preparing for the likelihood that there could be more cyberattacks in space, while the federal government urges the growing number of commercial space companies to beef up their cybersecurity, especially as they look to launch more satellites.

SpaceX, Amazon, OneWeb, and others have already launched hundreds of satellites in order to sell internet access around the world — and are planning to send thousands more into orbit. Those will join the thousands of satellites we rely on for everything from telephone service to weather reports to agricultural research. While most people associate satellites with navigation apps, satellites also transmit crucial timing data that’s used to run the electric grid and banking transactions, according to Travis Langster, the vice president of the space situational awareness startup Comspoc.

Our increased reliance on this tech makes the threat of hacking especially worrisome. A hacker could try to access a satellite by targeting a company’s ground systems, and once inside, the attacker could manipulate the communications or controls, download unwanted software, or even tell the satellite to change its course, according to Iain Boyd, the director of the University of Colorado Boulder’s Center for National Security Initiatives.

“It’s the same kind of thing where people are getting into your computer system and behaving badly,” Boyd told Recode. He added that hackers might also attempt to overwhelm a satellite with false signals or impersonate a satellite’s communication — a process called spoofing — to confuse vehicles on Earth’s surface.

These cyberattacks on space systems have been disruptive, but their impact could be catastrophic. For instance, in 2014, US officials blamed China for a cyberattack that forced the National Oceanic and Atmospheric Administration (NOAA) to cut off public access to imagery data from a satellite network used for weather forecasting. Russia has reportedly used GPS spoofing to confuse ships about their actual locations. And in the future, a worst-case scenario could involve a hacker tricking a satellite into crashing into other space infrastructure, according to William Akoto, an international politics professor at Fordham University, who studies cyber conflict.

“You can’t just walk down to the server room and apply a patch to something that’s in orbit,” explained Matthew Scholl, who leads the computer security division of the Information Technology Laboratory at the National Institute for Standards and Technology (NIST).

To address the impending threat of cyberattacks on space systems, the US military earlier this year transferred more than 2,000 cybersecurity experts to the newly formed Space Force. The Air Force, meanwhile, has begun hosting competitions encouraging hackers to break into satellites, with the hope of learning more about potential vulnerabilities. But cybersecurity experts warn that the private space industry hasn’t been transparent about how it’s managing security threats.

“From a commercial standpoint, we have to hope that they’re doing something,” said Falco, the Johns Hopkins professor. “But most commercial companies working on satellite systems have given zero details about anything that they have regarding the security of their space systems.”

Some of these companies are currently hiring cybersecurity professionals. Blue Origin, for instance, has been looking for an information system security officer to find vulnerabilities in the company’s systems, while SpaceX is searching for an information security assurance analyst to investigate the physical and cybersecurity of the company’s supply chain.

None of the companies Recode contacted — Virgin Galactic, Blue Origin, OneWeb, and SpaceX — responded to a request for comment about the state of their cybersecurity.

But as commercial space companies try to staff up their security teams, the federal government is also stepping in to help.

Last year, then-President Donald Trump signed an executive order recommending principles for cybersecurity and space systems, encouraging private companies to take precautions like boosting protections for control systems in their rockets and satellites and deploying antivirus software to protect their ground stations. NIST has developed cybersecurity resources for commercial space operations, including satellites.

In June, Reps. Ted Lieu and Ken Calvert proposed legislation that would classify space as critical infrastructure to boost collaboration between private space companies and the government on cybersecurity matters. The Federal Aviation Administration also helped create the Space Information Sharing Analysis Center (Space ISAC), a collaboration that coordinates with companies across the space industry to share information about potential threats and attacks to their cybersecurity.

“Infrastructure that is distributed globally means that there’s a very broad attack surface,” Erin Miller, Space ISAC’s executive director, told Recode. “We need to be building in and designing cybersecurity capabilities into every single one of our space systems.”

For now, that means that ensuring national security and addressing the cybersecurity challenges of the emerging space industry are one and the same. After all, the growing number of attacks against all sorts of private companies, whether they’re oil pipelines or meat distributors, makes it clear that when firms don’t protect themselves from hackers, the American public can feel the consequences. As more of the tech that powers our everyday lives heads to space, so should the country’s increased focus on cybersecurity.

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.

Search