Signals & Space Monthly Cyber Security Briefing

April 2017

Prepared by the CyberWire (Friday, April 7, 2017) ”The month's news in space and cybersecurity turned on North Korean development of long-range missiles, recommendations for US cyber deterrence policies that would affect space-based capabilities and involve a full range of potential kinetic response, and a look at some start-ups who see opportunities for space-based information storage and transmission that would address security concerns.

Remotely Inducing Launch Failure

The US is reported to have an on-going program of cyber attacks designed to interfere with North Korean ballistic missile flight tests. The campaign, said to cause missiles to fail within seconds of launch, began under President Obama and seems likely to continue under President Trump. It's unclear from early reports how effective the campaign has been--failed DPRK launches may have been caused by design flaws or operational errors. As North Korean launch tests over the course of the month, however, and as the DPRK appeared to move closer to a realistic long-range nuclear strike capability, observers in South Korea publicly wish for some effective cyber attack tool that could cripple the North's missiles. (Japan is clearly within range; some reports suggest even Australia and Hawaii soon might be, although that seems a stretch.)

In any case, North Korea successfully launched a series of ballistic missiles this month. The tests were obviously not impeded by any cyber attacks. so either the US elected not to interfere with the flights, or US ability to do so was exaggerated in early reports. 

Cyber Deterrence

The Defense Science Board's Task Force on Cyber Deterrence made its final report publicly available at the beginning of March. The report offers a standard definition of deterrence and notes the hesitant and incremental way in which US deterrence has so far evolved.

"...cyber deterrence is the use of both deterrence by denial and deterrence by cost imposition to convince adversaries not to conduct cyber attacks or costly cyber intrusions against the United States, and in at least some instances, to extend this deterrence to protect allies and partners. Just as cyber is a relatively new domain, cyber deterrence is a relatively new endeavor. For the most part, to date the United States has been establishing its cyber deterrence posture step-by-step, in response to attacks. Although the United States responded with diplomatic moves and economic sanctions to North Korea's Sony hack, China's IP theft, and Russia's meddling in U.S. elections, it is far from clear that such responses have established effective deterrence of future cyber attacks and costly cyber intrusions" (DSB TF on Cyber Deterrence, 3).

Part of the difficulty of developing an effective deterrent lies in different adversaries' very different sensibilities and susceptibilities: major powers, minor powers, and non-state actors make distinctive risk calculations. The principles the Task Force argues should inform cyber policy are familiar from other, earlier forms of deterrence: a mix of denial (that is, defenses that would reduce vulnerabilities and dissuade attacks by convincing adversaries of their futility) and cost-imposition (the credible, assured prospect of retaliation that would impose unacceptable costs on an attacker).

Effectively implementing such deterrence depends upon success at two intelligence tasks: first, understanding what adversaries value, and second, high-confidence attribution of cyber attacks to specific actors. Deterrence must be highly tailored to specific adversaries. While retaliatory measures ("rungs" of escalation) need not, and should not, be exclusively cyber, including a range of diplomatic, legal, and kinetic responses, the Task Force strongly recommended development of "scalable strategic cyber offensive capabilities.

The US should achieve an assured retaliatory capability in the form of a second-strike cyber-resilient military capability. That capability should extend to "cyber, nuclear, and non-nuclear long-range strike." This would require cyber-hardening of key combat and C4ISR systems. The Task Force recommends that priority be given to hardening strategic strike capabilities. They envision an extensive technology scouting program to find new, more capable ways of achieving cyber resilience. They also advocate establishing technology accelerators to prompt development along such lines.

One conclusion is surprisingly blunt: a wintry statement to the effect that, while norms of conduct in cyberspace ("rules of the road") may be valuable, cyber arms control agreements are in practice "not viable." Another key recommendation is easy to say, but hard to implement: develop effective, reliable means of attribution. They see three areas in which work could improve attribution (DSB TF on Cyber Deterrence, 25):

- "Improving identification and authentication of the users of our systems;

- "Sharing situational awareness between adjacent systems; and

- "Conducting behavioral analysis (tying actions to actors), rather than just depending upon transaction analysis (looking principally at tripwire events)"

These at least suggest the lines along which future work might proceed (and a great deal of that work remains to be done).

Satellites as Cloud Hosts

On March 3 the CyberWire spoke with Cliff Beek, president of Cloud Constellation. His company is an interesting start-up with near-term plans to put cloud infrastructure, "Spacebelt," into low-earth orbit. Beek sees space-based infrastructure as inherently less vulnerable to spoofing than terrestrial systems; he also sees such infrastructure as offering an alternative to locating data within certain terrestrial jurisdiction where it would be accessible to national legal authorities. Cloud Constellation intends to place fifteen small satellites into low-earth orbit (roughly 400 to 800 kilometers, well below the geostationary plane). Their satellites are expected to carry 4 to 8 petabytes of storage, and will lease transponders from geostationary satellites already in place. They claim a breakthrough in antenna technology that will enable them to establish a global transport ring. They have a number of partners and customers lined up (an early customer is a digital currency) with substantial interest from several nations' diplomatic services interested in sovereign data storage and transmission.

[940]

 

Today's edition of the CyberWire reports events affecting China, Japan, the Democratic Peoples Republic of Korea, the Republic of Korea, Russia, and the United States.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities (6)

Marketplace (9)

Products, Services, and Solutions (1)

Research and Development (1)

Legislation, Policy, and Regulation (19)

Litigation, Investigation, and Law Enforcement (3)

Cyber Events (25)

Cyber Attacks, Threats, and Vulnerabilities

Did cyber attacks slow down North Korea's missile progress? (NK PRO) On March 6, 2017, the New York Times published an article arguing that the United States had deployed cyber attacks against North Korea's missile tests. The article implied that these attacks might have succeeded in causing the failure of several North Korean missile tests, stating: "The North's missiles soon began to fail at a remarkable pace.

(3rd LD) N. Korean leader observes new high-performance engine test (Yonhap News Agency) North Korean leader Kim Jong-un observed the ground jet test of a new high-thrust rocket engine, the country's state-run media said Sunday, an indication that Pyongyang may engage in future provocations despite warnings by the international community.

The US Air Force's Updated E-3G Radar Planes Are Vulnerable to Hacks (Motherboard) Ironically, the downside to having modern computers in planes lies in their susceptibility to that most contemporary of threats-hacking.

Report: Combatant commands vulnerable to cyber attacks (FCW) Despite making progress against cyber red teams, military combatant command missions are coming up short in defending against nation-state adversaries in training exercises.

Legacy Cobol code an increasing problem in computer security, claims research (Comuting) Study finds 'security through obscurity' doesn't work and that investment in modern IT also helps improve security.

Pentagon growing concerned with Chinese investments in America's high-tech start-ups (Defense News) A report commissioned by DoD was circulated among senior Trump administration officials this week, stating that Beijing has been encouraging Chinese companies to invest in American start-ups.

Marketplace

When it comes to cybersecurity, the satellite industry stands out (C4ISRNET) The satellite industry is different from other commercial industries in regard to cyberthreats, according to one satellite executive.

Satellite Internet provider ViaSat seeks cyber security startups (San Diego Union Tribune) MarketLink pitch event to focus on network encryption, mobile security and other cyber priorities.

Dir. of Intelligence Nominee Says US Must Speed Up Satellite Acquisition and Launch (The Avion) Could the long acquisition and launch process of US intelligence satellites lead to negative consequences for the United States? According to President Trump's nominee for Director of National Intelligence, yes.

Air Force makes cryptographic deal with 7 companies (C4ISRNET) The contract is scheduled for completion by December 2026.

NATO to seek bids for $3.2B in satellite, cyber security investments (Information Management) Planned orders include 290 million euros for cyber security and IT infrastructure; and 180 million euros for advanced software.

Raytheon Plays War Games (The Motley Fool) Raytheon's CCEWIF could help determine a battle's outcome before the first shot is fired.

Virgin's newest company is Virgin Orbit, a small satellite specialist (TechCrunch) Virgin's business in space just got a little busier, the company founded by Richard Branson just launched a new operation called Virgin Orbit, which..

Lockheed Martin (LMT) Secures $47M Space Systems Contract (Zacks Investment Research) Lockheed Martin's (LMT) Space Systems segment designs and develops satellites, strategic and defensive missile systems and space transportation systems

Boeing's defense unit wins $26.6 million NASA contract (St. Louis Business Journal) The Boeing Co.'s Defense, Space and Security unit, which is based in Hazelwood, has been selected by NASA to develop a prototype High Performance Spaceflight Computing Processor.

Products, Services, and Solutions

Ninth WGS satellite launched (C4ISRNET) WGS-9 was launched March 18 aboard a Delta IV rocket.

Research and Development

Vancore Labs to conduct research for DARPA (C4ISRNET) The U.S. Defense Advanced Research Projects Agency (DARPA) has awarded Vencore Labs contracts valuing $17.7 million for research in cyber defense.

Legislation, Policy, and Regulation

North Korean tests augment calls for boosting missile defense systems (TheHill) North Korea's stubbornness on its missile program has given a boost to U.S. lawmakers who are pushing for more money to expand and improve missile defense systems.

To abort military action (koreatimes) U.S. Secretary of State Rex Tillerson's tough talk on March 17 of possible military action against North Korea's nuclear threats raised concerns about the prospect of a second Korean War.

Observations on China's New International Cyberspace Cooperation Strategy (Lawfare) The Chinese government last week released a new, wide-ranging strategy document (in English and Chinese) for international cooperation on cyberspace issues.

DoD scientists offer cyber deterrence framework, report (C4ISRNET) The Defense Science Board released a new report on cyber deterrence.

Final Report of the Defense Science Board (DSB) Task Force on Cyber Deterrence (Office of the Secretary of Defense: Defense Science Board) The United States gains tremendous economic, social, and military advantages from cyberspace. However, our pursuit of these advantages has created extensive dependencies on highly vulnerable information technologies and industrial control systems. As a result, U.S. national security is at unacceptable and growing risk.

Targeted control system cyber attacks - not when, but how much damage (Control Global) Targeted control system cyber attacks have been identified in many countries that include destruction of centrifuges, damage to blast furnace, loss of fuel loading, tilting of an off-shore oil rig, and significant environmental discharges. However, there have been almost no US government or NERC public identification of control system cyber attacks in the US despite the fact that targeted control system cyber attacks have occurred in US critical infrastructures with attendant damage.

What 'Dirty Harry' and space deterrence have in common (C4ISRNET) Air Force officials gathered to talk about the approach to the space environment.

Why does DoD care about space situational awareness? One word: deterrence (C4ISRNET) The Pentagon engages in space situational awareness to deter conflicts in space.

How the Air Force and IC will partner in space (C4ISRNET) As the Air Force is moving to normalize space as a war-fighting environment, collaboration with the intelligence community is critical.

The Cyberwar Information Gap (Defense One) Unlike a conventional military strike, state-on-state cyberattacks can go unreported for years.

Trump Inherits a Secret Cyberwar Against North Korean Missiles (New York Times) The United States has been trying to sabotage North Korea's missile program. President Trump must decide what to do next.

Lawmakers fear infiltration of defense supply chain (TheHill) There's a growing risk of adversaries inserting malicious material into Pentagon weapons systems.

Obama hit North Korea's nuclear program with cyber attacks (Mashable) About three years ago, North Korean missiles sputtered during launch attempts.

North Korea launches more missiles; 3 land in Japanese waters (Washington Post) The latest provocation coincides with annual military exercises in South Korea and a congress in China.

North Korea, Out to Launch (Foreign Affairs) On March 6, North Korea tested four ballistic missiles, three of which landed within Japan's territorial waters just 200 miles shy of its coastline.

Cybersecurity experts tell Congress weapons need better security (Defense Systems) A panel of experts told lawmakers new policy or acquisition procedures may be necessary to protect weapons systems.

Lawmakers sound alarm on space security (TheHill) Retired military officials, a former deputy administrator for FEMA, and the House Committees on Homeland Security and Armed Forces uniformly lamented not doing more to prevent strategic attacks against satellites, despite a full decade of knowing they were increasingly vulnerable.

Is it time to stand up a new space organization? (C4ISRNET) Given the importance of space, a dedicated space force may be in order.

UAS Symposium: FAA Can't Take On Cybersecurity Alone - Avionics (Avionics) The FAA cannot tackle the issue of cybersecurity without industry, FAA's Wes Ryan told the crowd during a cybersecurity panel at the 2017 FAA UAS (unmanned aerial system) Symposium last week. Audience members voiced concerns regarding both manned and unmanned aircraft, but the basis to any solution is that there is a need for an …

Litigation, Investigation, and Law Enforcement

SSL sues Orbital ATK over confidential data breach - SpaceNews.com (SpaceNews.com) Space Systems Loral (SSL) has filed a lawsuit against Orbital ATK, alleging it accessed sensitive information about SSL satellite servicing technologies.

Russian Space Official Found Dead In Jail After Transfer To Unmonitored Cell (RadioFreeEurope/RadioLiberty) A former executive director of the Russian space agency, Roskosmos, has been found dead in his jail cell with stab wounds.

Mars Needs Lawyers (FiveThirtyEight) The Liberian flag is easy to mistake for the U.S. flag. There's the red, white and blue. There's the stripes. The only difference is that the Liberian flag features one star in the upper left corne…

 
Compiled and published by the CyberWire editorial staff. Views and assertions in linked articles are those of the authors, not the CyberWire or Cosmic AES

Prior Issues

Cosmic AES - Experts in Space and Communications