Signals & Space Monthly Cyber Security Briefing

March 2017

Prepared by the CyberWire (Friday, March 3, 2017)—Patching, buggy software, inadvertent (and in some case deliberate) interference with space assets, rapidly maturing operational concepts for cyber warfare, and some indications of the likely cybersecurity direction of commercial space enterprises highlight this month's news.

Patching across IT and OT

NASA's Inspector General in early February released an audit report on industrial control system security within the space agency. NASA sensibly commissioned the study because of the extent to which operational technology has evolved away from manual systems toward increasingly comprehensive automation. The report makes interesting reading, particularly in its strong object lessons about two often remarked issues: first, the degree to which cybersecurity reflects the IT culture in which it emerged as a discipline (and which can lead its practitioners to overlook some of the operating technology issues they must now address) and second, the importance of verifying that patches won't have unintended consequences before they're applied in production environments. Among the findings was this: application of a security patch to software used to control a large engineering oven caused a reboot that stopped the oven's monitoring equipment from running. This effectively disabled both temperature control systems and "impeded alarm activation," causing a fire that burned undetected for three-and-a-half hours.

GPS security and availability

Concerns about disruption of navigation systems—GPS prominently among them—persist. Spirent warns that such systems—GPS, GLONASS, Galileo, and BeiDou—should expect to see more jamming and spoofing in the relatively near future. Their assessment is based largely on a priori possibility, and the fact that Spirent's GPS interference detectors have observed more than 15,000 incidents since they were deployed in 2015. Many of those have been inadvertent, but there have for some time been criminal gangs who've worked on GPS jamming and spoofing, and nation-states certainly have such capability.

Loss of GPS is a significant risk to aerospace operations: on February 22, SpaceX postponed delivery of 2500 kilos of supplies to the International Space Station because its Dragon cargo capsule experienced a problem with its GPS.

Israel Aerospace Industries (IAI) is offering an anti-jamming system for GPS. Called "ADA," the system is now deployed by the Israeli air force and has been approved for export.

In the US, the Air Force has awarded Boeing a five-year contract to support GPS IIA and IIF satellites currently in orbit.

Cyber security for the USAF ICBM force

The US Air Force is preparing to award two contracts for modernizing its deterrent force from the legacy Minuteman system to the new Ground-Based Strategic Deterrent (GBSD). Northrop Grumman, Lockheed Martin, and Boeing are competing for the work. Northrop Grumman emphasizes that its proposal will contain a heavy component of cyber resiliency for the new force. Awards are expected in September of this year.

Cyber war and space war

The current Chief of Staff of the US Air Force expects to be preoccupied with space threats during his tenure. Although a younger domain than space, cyber probably sees a more fully developed US offensive capability than does space proper. Should US space assets come under attack—and cyberattack is one likely form in which such a threat could arrive—US policymakers see it as unlikely they would retaliate with a kinetic attack against the adversary's spacecraft. Rather, cyber retaliation or kinetic operations against enemy ground stations are regarded as far more likely. The probable adversaries most interested in challenging US ability to exploit space are seen as China, Russia, and North Korea.

Admiral Rogers, Director NSA and Commander, US Cyber Command, is interested in pushing a full spectrum of cyber capabilities down to the tactical level. All three Service Departments—Army, Navy, and Air Force—are working along these lines as well. As they do so, they're evolving tactical doctrine and integrating cyber operations into collective training exercises.

When space goes commercial, how will commerce secure itself?

Elon Musk's SpaceX, mentioned above in connection with the delayed Dragon resupply of the International Space Station, is probably as good a bellwether as any for the likely form commercial spaceflight will assume in the near future. Branden Spikes, who's worked as Musk's CIO for several years, tells Business Insider that Musk was concerned about building cybersecurity into SpaceX from the time of its founding. As Spikes put it, "In fact, on day one of creating the network at SpaceX, he's like, 'Don't let them hack us.'" He goes on to say that getting board-level attention for cybersecurity issues has never been a problem for him at SpaceX.

There was a major merger announced in the commercial space sector at the end of February: Intelsat SA and OneWeb Ltd. announced a "conditional combination agreement" lubricated by an infusion of $1.7 billion from OneWeb backer Softbank. The combined company is seen as a play in the increasingly lucrative broadband market: demand for affordable broadband is surging. It need hardly be pointed out that mergers bring with them heightened cyber risk. And all of that broadband capacity will also have to be secured somehow, by someone.

[833]

 

Today's edition of the CyberWire reports events affecting China, Israel, the Democratic Peoples Republic of Korea, Russia, and the United States.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities (4)

Security Patches, Mitigations, and Software Updates (3)

Marketplace (7)

Products, Services, and Solutions (2)

Technologies, Techniques, and Standards (8)

Legislation, Policy, and Regulation (18)

Cyber Attacks, Threats, and Vulnerabilities

Spirent Security Experts Predict Greater Risk to Civil and Military Global Navigation Applications In 2017 (Yahoo! Finance) Spirent Communications plc , the leading provider of mobile network, application, services, and device-test solutions, today warned of the increased likelihood of disruptions this year to a wide variety of civil and military applications relying on global navigation satellite systems – GPS, GLONASS,

GPS glitch delays SpaceX cargo ship docking at space station (Reuters) SpaceX called off the docking of a Dragon cargo ship at the International Space Station on Wednesday due to a problem with the capsule’s GPS navigation system, the U.S. National Aeronautics and Space Administration said.

Computer crashes may be due to forces beyond our solar system (Computerworld) As our personal electronic devices get more complex, researchers say cosmic rays could put them at a greater risk of operational failure.

Google Announces First-Ever SHA1 Collision Attack (BleepingComputer) The SHA1 (Secure Hash Algorithm 1) cryptographic hash function is now officially dead and useless, after Google announced today the first ever successful collision attack.

Security Patches, Mitigations, and Software Updates

Security patch caused equipment shutdown and fire at NASA (Computing) Fire went unnoticed for three hours because the patch also took down the fire alarm system

Industrial Control System Security Within NASA's Critical and Supporting Infrastructure (NASA Office of Inspector General, Office of Audits) In keeping with the evolution of technology, NASA has increasingly moved away from isolated, manually controlled operational technology (OT) systems to an environment in which physical processes are controlled with sophisticated and interconnected information technology (IT) equipment. As more devices become “smart” through wireless connectivity, OT systems that once required hands-on manipulation such as adjusting a valve or flipping a switch can now be controlled remotely.

Linux Project Patches 11-Year-Old Security Flaw That Gives Attackers Root Access (BleepingComputer) The Linux team has patched a security flaw in the Linux kernel that can be exploited to gain root-level code execution rights from a low-privileged process.

Marketplace

SoftBank to Merge OneWeb With Intelsat, Invest $1.7 Billion (Bloomberg) OneWeb Ltd., a U.S. satellite venture backed by billionaire Masayoshi Son’s SoftBank Group Corp., is merging with debt-saddled satellite provider Intelsat SA in a share-for-share transaction.

SoftBank-backed OneWeb to merge with Intelsat (Reuters) OneWeb Ltd, a U.S. satellite startup backed by Japan's SoftBank Group Corp, and debt-laden satellite operator Intelsat SA agreed to merge in a share-for-share deal on Tuesday.

Intelsat's stock soars on report of OneWeb merger (SpaceNews) Intelsat's stock rose 25 percent Monday following a report from Britain's Sky News that the global satellite fleet operator is in advanced talks over a merger with the well-capitalized startup OneWeb.

'Don't let them hack us': Here's what it's like working as the CIO for Elon Musk at SpaceX (Business Insider Australia) From Zip2 to Paypal, Tesla and SpaceX, Elon Musk’s businesses have revolutionised their industries.

U.S. Air Force Awards $875 Million for Cryptography and Information Assurance (SIGNAL Magazine) General Dynamics Mission Systems, Scottsdale, Arizona (FA8307-17-D-0006); Harris Corp., Rochester, New York (FA8307-17-D-0007); L-3 Systems Corp., Camden, New Jersey (FA8307-17-D-0008); Leidos Inc., Columbia, Maryland (FA8307-17-D-0009); Raytheon, El Segundo, California (FA8307-17-D-0010); Sypris Electronics LLC, Tampa, Florida (FA8307-17-D-0011); and ViaSat Inc., Carlsbad, California (FA8307-17-D-0012) have been awarded a combined not-to-exceed $875 million indefinite-delivery/indefinite-quantity contract.

Boeing to support orbiting GPS satellites (C4ISRNET) Boeing has been awarded an Air Force contract to support the GPS satellite system.

Colorado Springs' growing cyber industry takes center stage (Colorado Springs Gazette) The growth of the cybersecurity industry in Colorado Springs was in the spotlight at the Rocky Mountain Cyberspace Symposium as generals and Colorado Gov. John Hickenlooper touted the burgeoning field in the Pikes Peak region.

Products, Services, and Solutions

Company says it could protect missiles from cyber attacks (Great Falls Tribune) Northrop Grumman Corp. hopes to win contract to modernize missile defense system

IAI Debuts GPS Anti-Jamming System (Defense News) The laptop computer-sized system is based on the firm’s multichannel Controlled Reception Pattern Antenna technology designed to render avionics systems immune to direct electronic attack from GPS jammers or other methods of interference.

Technologies, Techniques, and Standards

Cyber capabilities support U.S. kill/capture missions (C4ISRNET) The Air Force has conducted a multitude of cyber missions over the last year that have contributed to captured or killed terrorists.

Information Warfare: HVIs Wanted Dead Or Alive (Strategy Page) The U.S. Air Force recently revealed that during 2016 its component of U.S. Cyber Command (USCYBERCOM) conducted 4,000 Cyber War operations to obtain useful information (often about location) on more than 100,000 targets.

Military still working out 'effectiveness' of cyber tools (C4ISRNET) While the effects of a missile are well-known, the employment of a cyber tool is still not fully understood.

Cyber’s role in Air Force’s premier training exercise: Red Flag (C4ISRNET) Cyber teams have become an integral part of the annual Red Flag exercises, especially as the military readies for multi-domain conflict.

Wargame of cyber proportions unfolds in Colorado Springs symposium (Colorado Springs Gazette) The way to hack an oil refinery seemed rather basic, or

Security, Modularity Drive Navy Cyber (SIGNAL Magazine) Cleaner, more modular software that can be updated with less fuss tops the U.S. Navy’s wish list as it girds its fleet for warfighting in cyberspace.

Army wants electronic-warfare capability for Gray Eagle drone (Defense News) The Army is looking for an electronic-warfare system that can be integrated onto a Gray Eagle unmanned aircraft system, according to a request for information released this week.

DHS offering GPS resiliency tests for critical infrastructure devices (TheHill) Tests will check if GPS devices can withstand jamming and fake signals, called spoofing.

Legislation, Policy, and Regulation

Russian military admits significant cyber-war effort (BBC News) Country's defence minister admits the presence of a powerful military team focused on controlling information.

Russia mobilises an elite band of cyber warriors (Financial Times) Since the 2015 hack of France’s TV5Monde, the Kremlin-backed APT 28 has become bolder in its choice of targets

Pentagon mulling split of NSA, Cyber Command (TheHill) Right now, the two organizations share a leader — but the bew era of cyber warfare might change that.

Information Warfare Breaks Regional, Geographic Boundaries at WEST 2017 (DVIDS) WEST 2017 concluded on Feb. 23 following three-days of speakers, panels, demonstrations and capability displays.

Cyber Command Chief Aims To Delegate Offensive Warfare (Defense Daily Network) The head of U.S. Cyber Command is trying to push offensive cyber warfare down to the “operational tactical level” in the next five to 10 years.“Offensive c

NSA head Rogers pushes to loosen reins on cyberweapons (TheHill) Adm. Michael Rogers — both head of the National Security Agency (NSA) and Cyber Command — is pushing for widespread changes to the U.S.'s treatment of cyber weaponry, including contracting private sector firms to develop arms.

Assessing US capabilities in cyberspace (Fifth Domain | Cyber) Among the proposals and directives outlined in the three drafts are four cyber reviews, including a full-scale assessment of the nation’s capabilities in cyberspace.

Cybersecurity Must Take Front and Center National Attention, Experts Say (SIGNAL Magazine) Cybersecurity can no longer be viewed as a technology-only problem and segmented into stovepipes where the U.S. Defense Department carries out one set of tasks; the civilian government another; and industry does its own thing, said Adm. Michael Rogers, USN, director of the NSA and commander of U.S. Cyber Command.

Commentary: The U.S. Air Force's new push to brace for war in space (Defense News) Top brass write that the service is boosting space defenses in the hopes of never needing them.

The Coming War in Space (US News and World Report) The Joint Chiefs briefed President Donald Trump on space, as officials consider how to keep it benign amid Russia and China’s ambitions.

Battle Staffs Need More Cyber Training, Leaders Say (GovTechWorks) Military cyber operations capabilities are developing faster than planners and commanders can use them on the battlefield. This reality prompted a fresh look at classification and training to ensure battle staffs know how and when to employ cyber effects.

Offensive cyber still in infancy, says Air Force official (C4ISRNET) Outside of CYBERCOM and NSA, offensive cyber capabilities are still being examined by the services.

Navy developing preplanned cyber network incident procedures (C4ISRNET) The Navy is looking to develop procedures ahead of time in the case networks go down aboard ships afloat.

Army Cyber Mission Force to Utilize Virtual Effects in Fight Against Militant Groups (Executive Gov) The U.S. Army's future cyber mission force teams will use virtual effects in offensive and defensive

Navy opens new 'digital warfare' office, aiming to exploit advances in data science (FederalNewsRadio.com) The Navy has just stood up a new “digital warfare” office, prompted by the notion that the service is awash in valuable, but largely untapped data.

For the Navy, cyber defense has effects well beyond cyberspace (C4ISRNET) Cyber defense is more important than offensive action, according to the commander of Fleet Cyber, as it affords commanders trust in their data and decision making.

Mattis mulls consolidation in IT, cyber (FCW) In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

Policy Experts Push To Make Vulnerability Equities Process Law (Threatpost) By making the Vulnerability Equities Process law, advocates of the idea argue there would be more reliability, transparency and accountability in the process of government vulnerability disclosure.

Compiled and published by the CyberWire editorial staff. Views and assertions in linked articles are those of the authors, not the CyberWire or Cosmic AES

Prior Issues

Cosmic AES - Experts in Space and Communications