Signals & Space Monthly Cyber Security Briefing

May 2017

Prepared by the CyberWire (Friday, May 5, 2017). This month's news includes a great deal of wishful thinking about missile-hacking, US Air Force upgrades of its cyber capabilities, and uncertainty at NASA about the space agency's cybersecurity plans.

North Korea's Failure to Launch

An April 16 attempt by Pyongyang to test-fly a long-range strike missile failed, with the system crashing shortly after launch. The North Korean regime has been undaunted, promising shortly after the failure that it had the ability to wage all-out war against South Korea and (especially) the United States, and that it intended to test a missile every week. Weekly testing has apparently been gasconade, but North Korea's neighbors are uneasy about missile development, the DPRK's nuclear weapons program, and its bellicose talk. The US and China are both concerned, and have implemented tighter sanctions as they play, respectively, the bad-cop, good-cop roles in the crisis. Japan, South Korea, and Russia are also looking to their defenses.

There's a great deal of interesting but unfounded speculation, much of it originating in the United Kingdom,that the US has developed and used a cyberattack capability against North Korean missile systems. There's no positive evidence that this is so, and the speculation appears to turn on wishful thinking and a forced interpretation of routine US refusals to confirm or deny the existence of a cyber operation against Pyongyang. Refusing to confirm or deny a covert operation is of course not evidence that there is any such operation, but sections of the press (again, especially in the UK) persist in viewing disinclination to talk as a "hint" that, yes indeed, the US is hacking away. But as many informed observers are pointing out, there are many explanations for failure to launch, most of them more probable than hacking.

Uncertainty Surrounds NASA's Cybersecurity Plans

NASA's chief information officer for IT security, Jeannette Hanna-Ruiz, who assumed her post in August of last year, told Bloomberg in an interview published April 12th that the agency was concerned about space mission hacking. "It's a matter of time before someone hacks into something in space," she said. "We see ourselves as a very attractive target." She went on to describe NASA's efforts to get control of its internal networks, establish itself as a cybersecurity leader, and head off cyberattacks against space missions.

The future of those plans, however, was called into question by Hanna-Ruiz's resignation on April 17th, effective April 28th. She'll be succeeded on an interim basis by acting CISO Mike Witt, who joined NASA from a position as deputy director of US-CERT at the Department of Homeland Security.

Some of that uncertainly, at least with respect to independent verification and validation, was resolved on May 1st, when it was announced that Engility had won the recompete of a $170 million contract to perform IV&V of NASA missions.

US Air Force Moves to Increase Cybersecurity Capabilities

The Air Force is opening a Cyberspace Threat Intelligence Center at Joint Base San Antonio. Its parent organization, the 35th Intelligence Squadron, will support Air Force operations worldwide.

The Air Force has also adopted its own version of the hack-the-Pentagon crowdsourced approach to vulnerability research that's been widely applauded. But in this case, at least, the word is that Russian hackers are disinvited. "Vetted" hackers from the Five Eyes, yes, but ochi chornyye need not apply.

National Geospatial Agency Describes Push for Agility in Cyberdefenses

The National Geospatial Agency (NGA) is seeking more agility in defending itself against cyberattacks by bringing on developers for shorter periods. Instead of long-term hires, the agency is now bringing developers on for periods as short as a week. This approach has moved NGA toward closer collaboration with the private sector. NGA's Xperience Directorate is serving as the agency's broker with industry.

Industry Notes

Three significant contracts have been awarded to longtime Air Force performers. Raytheon has received an $8.5 million contract to build the Service's Cyber Command and Control Mission System (C3MS) operating location at Lackland Air Force Base, Texas. C3MS will, once it becomes fully operational at the end of April 2018, be responsible for operating and defending USAF networks.

Northrop Grumman received a $9.4 million contract to develop the Cyber Mission Platform (CMP) also at Lackland Air Force Base. The CMP is focused on development of offensive cyber capabilities.

And in March Booz Allen Hamilton won a $10 million contract for research into high-power electromagnetics for cyber and electronic warfare applications.

Raytheon announced that its OCX work modernizing GPS ground stations has met the standards laid out in the Department of Defense Cybersecurity Discipline Implementation Plan (October 2015, as amended in February 2016). The milestone is seen as significant not only for GPS security, but for Raytheon's prospects of significantly expanding into other cybersecurity markets.

The US Army has given BAE a place in an eight-year, $3 billion IDIQ contract to support Space and Missile Defense Command/Army Forces Strategic Command; the work will inevitably have a significant cybersecurity dimension.

Lockheed Martin, which also has announced plans to consolidate its commercial and civil satellite business into a single line of business, conducted a multi-domain exercise at its facilities in Suffolk, Virginia. The three-day, tabletop wargame explored the intersection of kinetic and cyber effects. Results are being provided to the US Air Force Multi-Domain Command and Control (MDC2) Enterprise Capability Collaboration Team.


Today's edition of the CyberWire reports events affecting China, the Democratic Peoples Republic of Korea, Malaysia, the United Kingdom, and the United States.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities (9)

Cyber Trends (1)

Marketplace (12)

Products, Services, and Solutions (6)

Technologies, Techniques, and Standards (4)

Design and Innovation (2)

Legislation, Policy, and Regulation (14)

Cyber Events (25)

Cyber Attacks, Threats, and Vulnerabilities

N. Korea's attempted missile launch failed: JCS (Yonhap News Agency) North Korea's attempted missile launch on Sunday ended in failure, South Korea's Joint Chiefs of Staff (JCS) said.

North Korea's Failed Missile Launch Eases Experts' Worst-Case Scenario Fears (WIRED) Rather than showing off North Korea's military might as intended, the country's most recent failed launch put observers at relative ease.

North Korea's embarrassing missile failure may have been due to US cyber sabotage (Business Insider) "If you think that war is possible with a given state, you're going to be trying to prepare the battle space. In the internet age, that means hacking."

North Korea's unsuccessful missile launch 'may have been thwarted by US cyber attack' (The Telegraph) A North Korean missile launch that failed shortly after it was fired may have been thwarted by cyber attacks from the US.

Behind North Korea's Fizzled Missile: Has China Lost Control of Kim? (The Daily Beast) Kim Jong Un has shown that he doesn't care what Washington and Beijing say, and he may have made himself an even bigger threat to these great powers.

We will test a missile every week, warns North Korea minister. (Times (London) A senior North Korean official warned of all-out war yesterday, insisting that the regime would continue its missile programme. We'll be conducting more missile tests on a weekly, monthly and...

Donald Trump advisor hints that US cyber attack FOILED North Korean missile launch. (Express) A senior adviser to Donald Trump has hinted that North Korea's failed missile launch could have been down to a US cyber attack.

Is the United States Really Blowing Up North Korea's Missiles? (Foreign Policy) There's just no evidence to support the fantasy that Kim Jong Un's rockets are falling prey to a super-secret U.S. cyberprogram.

SPECIAL ANALYSIS: The Dangerous Speculation Over Cyber Warfare Behind The Alleged Failures Of North Korean Missile Launches (Homeland Security Today) In recent days, there has been a lot of speculation on the Internet -- and even among the mainstream media -- over the true cause of the many failures of North Korea's missile tests. Some people are suggesting the Trump Administration is behind the failures by somehow introducing a virus into the missile systems to make them fail.

Cyber Trends

Verizon DBIR Shows Attack Patterns Vary Widely By Industry (Dark Reading) It's not always the newest or the most sophisticated threat you need to worry about, Verizon's breach and security incident data for 2016 shows.


OCX May Pave Way For 'Huge' Raytheon Cyber Business (Breaking Defense) OCX, for the last two years the most troubled space acquisition program and a watchword for the high risks of being the first program to try and meet the Pentagon's highest cyber security standards, may now open the way for Raytheon to plow its way deep into the rich fields of the cyber security market.

BAE Systems Selected by U.S. Army to Design Next-Generation Space and Missile Defense Technologies (BusinessWire) BAE Systems has been chosen for a position on a new eight-year, $3 billion IDIQ contract to continue supporting the U.S. Army's Space and Missile...

Lockheed Merges Commercial, Civil Space Units (Aviation Week) In an attempt to get ahead of business trends, Lockheed Martin is combining its civil and commercial space lines of business into one ...

Lockheed Martin realigns its commercial satellite, space business (Washington Business Journal) The commercial satellite business just moved to Colorado in 2014.

Northrop Wins $49M Air Force Deal for Technical Services ( Falls Church, VA-based Northrop Grumman Corp. 's NOC unit, Mission Systems, has won a modification contract from the U.S. Air Force. The contract is valued at $49.3 million and is awarded by the Air Force Life Cycle Management Center, Robins Air Force Base, GA...Per the contract, Northrop Grumman will provide maturation and risk reduction technical services for the Embedded Global Positioning System and Inertial Navigation System-Modernization (EGI-M) technology.

U.S. Air Force invests millions this month on cyberweapons projects (Cyberscoop) Three of the United States' largest military contractors each won multimillion-dollar projects in the last month to boost American offensive power in the cyber domain. Raytheon, Northrop Grunman, and Booz Allen Hamilton have all seen their stock prices rise 10 to 20 percent since the November 2016 U.S. election.

The Air Force bolsters its Cyberspace weapons systems (Defense Systems) The Air Force's latest cyber space weapons system increases control of cyberspace data for more versatile operational command.

US Air Force invites British hackers to test its defences (Computing) Only 'vetted computer specialists' from 'Five Eyes' nations invited to participate in USAF bug-bounty program

Far too dangerous: Why Russians weren't invited to hack the U.S. Air Force (Russia Beyond The Headlines) Russian hackers could have helped expose unknown vulnerabilities in Pentagon systems, but experts say that giving Russians such access is far too much a risk for the U.S.

Raytheon wins $375m USAF contract for AOC WS modernisation (Airforce Technology) Raytheon has secured a $375m contract to upgrade the US Air Force's (USAF) Air and Space Operations Center Weapon System (AOC WS).

Engility Wins $170 Million National Aeronautics and Space Administration Contract (Yahoo! Finance) Engility Holdings, Inc. won the re-compete of the Systems and Software Assurance Services contract from NASA's Goddard Space Flight Center. Engility will help NASA's Independent Verification and Validation program support missions to explore earth and the universe, including future moon and Mars expeditions

Malaysia Airlines to track planes with satellites (BBC News) It comes three years after MH370, bound for Beijing, disappeared with 239 people on board.

Products, Services, and Solutions

Raytheon Moves GPS OCX Launch, Checkout System Qualification Testing to USAF Site; Dave Wajsgras Comments (ExecutiveBiz) Raytheon has begun to move the site-specific acceptance and qualification testing phase of the launch-and-checkout platform for the U.S. Air Force's GPS Next-Generation Operational Control System from the company's factory to Schriever Air Force Base in Colorado. The company said Wednesday the move came after the LCS system reached a score of 97.7 percent in a...

Raytheon to begin qualification and acceptance testing of USAF's GPS OCX's LCS (Airforce Technology) Raytheon has achieved a significant milestone in the US Air Force's (USAF) next-generation operational control system (GPS OCX) development programme after completion of GPS launch and checkout system (LCS) testing.

SpaceX launches its first recycled rocket in historic leap (C4ISRNET) SpaceX successfully launched and then retrieved its first recycled rocket Thursday, a historic feat and the biggest leap yet in its bid to drive down costs and speed up flights.

SpaceX successfully launches its first spy satellite. (Ars Technica) Not much is known about the National Reconnaissance Office's NROL-76 satellite.

SpaceX successfully launches NROL-76 U.S. military satellite (TechCrunch) SpaceX succeeded in its second attempt to launch NROL-76, a classified payload and its first big contract for the U.S. military via the National.

SpaceX recovers the Falcon 9 rocket used for NROL-76 launch (TechCrunch) SpaceX recovered its Falcon 9 first stage after succeeding in launching NROL-76 for the U.S. National Reconnaissance Organization today. The recovery attempt.

Technologies, Techniques, and Standards

Agency Battles Hackers With Short-term Workers, Industry Collaboration (Meritalk) The average hacker spends eight months in a network before getting caught, according to Jason Hess, chief of cloud security at the National Geospatial-Intelligence Agency.

Intelligence Exploitation Analysts: Creating cyberspace warriors (DVIDS) As one of Air Combat Command's integral assets, the 70th Intelligence, Surveillance and Reconnaissance Wing is home to several cyberspace warriors, including the exploitation analysts of the 41st Intelligence Squadron.

Lockheed Martin Proposes Way Forward for Multi-Domain Operations - Apr 11, 2017 (Media - Lockheed Martin) An exercise at Lockheed Martin's Center for Innovation will provide the U.S. Air Force analysis to expand their employment and coordination of kinetic and non-kinetic effects.

Air Force satellites will use 3-D printed parts (C4ISRNET) The 3-D part was made using a process in which a laser melts and fuses aluminum metal powder layer-by-layer.

Design and Innovation

Defense Intelligence Agency's 'Shark Tank' Helps Startups Pitch Spy Apps (Defense One) DIA analysts who like a product can launch a partnership on the spot.

DARPA wants more secure hardware (C4ISRNET) The Defense Advanced Research Projects Agency wants to test the proposition that more secure software starts with more secure hardware.

Legislation, Policy, and Regulation

Interest in cyber deterrence policy grows, but actual legislation will prove difficult (Washington Examiner) "We will not allow other states to hold us at risk. We must be able to sustain our infrastructures during times of stress."

Dan Geer: Cybersecurity is 'paramount national security risk' (CSO Online) Cybersecurity and the future of humanity "are conjoined now," according to In-Q-Tel's Dan Geer. The cybersecurity futurist, in the closing keynote at SOURCE Boston 2017, gave a sobering look at what is likely to come in a world where change and growing interdependence is happening faster than anyone's ability to manage it

Getting Tough on North Korea (Foreign Affairs) A quarter-century of negotiations and sanctions have failed to change North Korea's behavior. It's time to crack down on Pyongyang's foreign financial dealings,and the states that abet it.

Kim Jong Un Is a Survivor, Not a Madman (Foreign Policy) North Korea's behavior might seem irrational to outsiders, but the Kim regime is just taking logical actions to survive.

Outer-Space Hacking a Top Concern for NASA’s Cybersecurity Chief (Bloomberg) NASA scientists glean valuable data about powerful space explosions and the energy of black holes from their Swift and Fermi satellites. The projects were supposed to last a few years. Instead, they've survived for more than a decade.

Space Missions Targeted by Hackers Only a Matter of Time, Says NASA Cyber Chief (International Business Times) Jeanette Hanna-Ruiz says cybersecurity is a top priority for the space agency.

NASA's chief cyber executive to leave ( Jeannette Hanna-Ruiz, NASA associate CIO for IT security and senior agency information security official, is leaving after only eight months.

PLA Strategic Support Force: The 'Information Umbrella' for China's Military (The Diplomat) Beyond cyber and space warfare, the SSF will play a key role in conventional joint operations.

U.S. Remains Largely Reactive to Cyber Threats (Seapower) At least four U.S. adversaries are developing "very thoughtful" cyber campaigns aimed at the United States, the commander of the U.S. Cyber Mission Force said April 4.

The US Air Force Is Reorganizing to Fight in Space (Defense One) After a scathing report, service leaders are creating a three-star czar to oversee orbital warfare.

New Nuclear C2 Should Be Distributed & Multi-Domain: STRATCOM Deputy (Breaking Defense) Just like the individual ICBMs, bombers, and submarines it oversees, the nation's nuclear command-and-control architecture is aging Cold War tech that needs replacement.

US Air Force Announces New NORAD, Cyber Command Intelligence Directors (Sputnik) US Air Force Chief of Staff Gen. David Goldfein assigned new intelligence directors for the US Cyber Command and North American Aerospace Defense Command (NORAD), the Department of Defense said in a press release on Friday.

Service Vice Chiefs Press the Need for Funding Certainty, Expanding Cyber Security (Seapower) The pressing needs for the three naval services and the maritime industry are greater budget certainty, reversing the erosion in their readiness to meet global challenges, and expanding and modernizing their shrunken and badly aged forces, all of which would be made much harder if Congress relies on a continuing resolution (CR) for the rest of the fiscal year, their senior leaders said April 3.

Trump's promise on cybersecurity: what's been happening? (Naked Security) Work behind the scenes suggests that an executive order on cybersecurity could be signed by the end of the week

Compiled and published by the CyberWire editorial staff. Views and assertions in linked articles are those of the authors, not the CyberWire or Cosmic AES

Prior Issues

Cosmic AES - Experts in Space and Communications