Signals & Space Monthly Cyber Security Briefing

July 2017

Prepared by the CyberWire (Friday, July 7, 2017)—June was marked by bad news (especially North Korean intransigence with respect to its nuclear and ballistic missile programs) and good news (especially the routinization of commercial launch services). All of the news has implications for cybersecurity.

Pyongyang remains as determined as ever to threaten its enemies (now, effectively, the entire world).

North Korean continued its ballistic missile program in the face of essentially universal condemnation and effective economic sanctions. Their missiles have now demonstrated the ability to reach Japan at least, and there are early reports of systems under development that could strike targets in the United States. China, the US, Japan, and South Korea are all engaged in various bilateral programs to put a stop to this, including movement of a US Navy battle group into the area, Sino-US talks about a common approach to the problem, and accelerated development of a Japanese missile defense system (including Aegis ashore). 

Pyongyang so far shows few signs of dissuasion. A recent and very disturbing development is evidence of a DPRK domestic tritium production capability, tritium being essential to the development of fusion weapons ("hydrogen bombs").

The DPRK has also been active in cyberspace, as cyber operations become a normal mode of conflict. Consensus among observers is that the Pyongyang-run Lazarus Group was responsible for May's WannaCry ransomware outbreak. Evidence to the contrary consists largely of signs that the coding was in certain respects incompetent, and so, on grounds of a priori probability, "the North Koreans are better than that." Not necessarily.

The US has deployed a Terminal High Altitude Air Defense (THAAD) battery to the Republic of Korea as a counter to the North's ballistic missiles. After some controversy over consultation, Seoul has announced that THAAD will stay in theater. The Army deployed a cyber protection team along with it, lest THAAD become a "hack magnet" for Pyongyang. Recent tests of US anti-missile capability have shown mixed results: a ground-based interceptor the Missile Defense Agency launched from Vandenberg Air Force Base in California successfully destroyed an ICBM target on May 30th, but on June 21st, elsewhere on the Pacific Missile Range, a test shot of an SM-3 Block IIA interceptor from USS John Paul Jones failed to bring down its medium-range ballistic missile target. Such misses are inevitable, and the Department of Defense remains confident that the Army's THAAD and the Navy's Aegis constitute reliable defenses.

Congress is pushing for more rapid fielding of missile defenses for the state of Hawaii, the densely populated region closest to North Korea. Congress is also asking the Department of Defense to look into space-based missile defense systems.

The lingering risk of Windows XP.

In the UK, critics again raise the possibility that the Royal Navy's Trident missile submarines are unnecessarily susceptible to hacking because they continue to use beyond-end-of-life versions of the Windows operating system. Its not just the veteran missile boats, either: critics also claim the newest, largest British warship, the aircraft carrier HMS Queen Elizabeth, is also hooked on XP. Reporters noticed the old OS in use on shipboard systems during a tour the Navy gave them to show off its most impressive warship. The Ministry of Defense says XP will be gone before the carrier enters service.

In fairness to Her Majesty's tars and jollies, it's no trivial matter to expunge old versions of Windows from Internet-of-things systems. It isn't as simple as replacing or patching Windows on, say, a PC: the OS as its used has been customized by the industrial control system vendor, and it has many interactions and dependencies that simply aren't present in ordinary Windows software.

On the other hand failure to patch and upgrade can have severe effects. Microsoft took the unusual and controversial step of reaching back into the grave with patches for retired versions of Windows in the hope of mitigating the effects of malware like WannaCry. But even that extraordinary move wasn't enough: on June 27th a version of the old Petya ransomware, upgraded with worm functionality and redesigned to use the leaked EternalBlue exploit, tore through Ukrainian government, utility, and financial sites, and then spread rapidly throughout the world. Petya, like WannaCry, may be ransomware, but it threatens the IoT as well.

SpaceX has a very good month.

The private launch service succeeded in turning around reusable launch vehicles rapidly in June. On June 3rd a Falcon 9 successfully put a payload into orbit; the launch took place just two days after that particular launch vehicle returned from its previous mission. SpaceX looks enough like the real deal that the US Air Force will entrust it with the X-35B spaceplane: the company is now accepted as reliable and cost-effective.

India is preparing its own launch capability.

Space agencies and space equities.

Congress is talking about establishing a "Space Corps," but the US Air Force says that's unnecessary, that they can handle matters themselves, thanks very much.

The US Department of Defense is pushing forward with accelerated, streamlined acquisition vehicles for cyber tools and solutions. Both the Air Force and the Army are working to embed cyber considerations in their system development cycles.

Not all policy news is directed at conflict. Australia is considering establishing its own domestic space agency. And on the last day of June President Trump signed an Executive Order reinstating the National Space Council, with a view to shaping policy and modernizing the US approach to spaceflight.

Research and aspirations.

As quantum encryption is demonstrated over increasingly long distances, researchers work toward a space-based quantum encryption system.

Taking a page from the pirate, aspiring state of Sealandia, ensconced with more brass than legal authority in an old off-shore Maunsell Sea Fort, a group announces plans for "Asgardia," a data-sovereign enclave somewhere in earth orbit. Few expect anything to come of this, but there have been more serious proposals to put data in space (c.f. SpaceBelt) where they would presumably be beyond the reach of terrestrial jurisdictions.



Today's edition of the CyberWire reports events affecting Canada, China, Israel, Japan, the Democratic Peoples Republic of Korea, the Republic of Korea, the United Kingdom, and the United States.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities (15)

Marketplace (15)

Products, Services, and Solutions (17)

Technologies, Techniques, and Standards (4)

Design and Innovation (1)

Research and Development (5)

Legislation, Policy, and Regulation (21)

Litigation, Investigation, and Law Enforcement (2)

Cyber Events (16)

Cyber Attacks, Threats, and Vulnerabilities

US Warns of North Korea's Not-So-Secret 'Hidden Cobra' DDoS Botnet (Dark Reading) Reclusive government behind DDoS infrastructure is targeting organizations around the world US-CERT says.

Information Warfare: THAAD The Hack Attack Magnet (Strategy Page) In May 2017 the United States revealed that it had sent one of its few cyber protection teams to defend the THAAD (Terminal High Altitude Area Defense) battery sent to South Korea earlier and declared operational in April.

North Korea Is About to Test a Missile That Can Reach Trump Tower (Foreign Policy) Is the U.S. president ready to put some muscle behind his tough talk?

Re-entry vehicle last-remaining question for N.K. ICBM: U.S. expert (Yonhap News Agency) Building a nuclear warhead and a re-entry vehicle durable enough to withstand the extreme heat during a missile's re-entry into the atmosphere is the last-remaining major question North Korea faces in developing a nuclear-tipped intercontinental ballistic missile, a U.S. expert said.

N. Korea is clearly advancing H-bomb development: Hecker (Yonhap News Agency) North Korea clearly has the ability to produce tritium internally, a basic element for making hydrogen bombs, although the country has yet to weaponize it, an American nuclear expert said Tuesday.

£3bn warship fitted with outdated software at risk of cyberattack (Times (London)) Britain’s state-of-the-art aircraft carrier, which powered out to sea for the first time last night, has the same outdated software on board that was hit by a massive cyberattack last month.

MoD: HMS Queen Elizabeth Will Not Have Windows XP Systems When Operational (Silicon UK) UPDATED: MoD squashed concerns that legacy software in the Navy's latest aircraft carrier leave it open to cyber attacks

Hacking nuclear submarines – how likely is the nightmare scenario? (Naked Security) Nuclear submarines run on Windows XP – but is that the ships’ weakest point?

Britain's nuclear submarines vulnerable to 'catastrophic' cyber attack that could spark nuclear warn, experts warn (The Independent) The UK’s nuclear submarines are vulnerable to a “catastrophic” cyber-attack that could potentially spark a nuclear war, a think tank has warned. The report, titled “Hacking UK Trident: A Growing Threat” and published by the British American Security Information Council (Basic), said such an attack could “neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly)”.

Hacking UK Trident: A Growing Threat (British American Information Security Council) This paper reviews the growing potential for cyber-attack on the UK’s operational fleet of Vanguard-class submarines armed with nuclear-tipped Trident II D-5 ballistic missiles, and some of the implications for strategic stability.

Defence Secretary refuses to deny nuclear submarines run outdated system exploited by hackers (The Independent) Defence Secretary Michael Fallon has refused to deny that Britain’s nuclear submarines use the outdated Windows XP program amid the ongoing WannaCry ransomware attack. Instead he simply insisted the subs were “safe”, adding that they operated “in isolation” when out on patrol, which possibly suggests the vessels at sea were unaffected only because they were not connected to the internet.

US military data reportedly left on unsecured Amazon server (CNET) Defense contractor Booz Allen Hamilton is linked to an account that contained login credentials for other data repositories.

Defense contractor stored intelligence data in Amazon cloud unprotected [Updated] (Ars Technica) Booz Allen Hamilton engineer posted geospatial intelligence to Amazon S3 bucket.

Ready or not, IoT third party risks are here (Help Net Security) Ready or not, IoT third party risks are here. Our cyber climate is evolving and organizations have to shift their focus to the security of external parties.

A spy satellite buzzed the space station this month, and no one knows why (Ars Technica) An accidental flyby may represent “gross incompetence” on the part of the feds.


GAO: Feds disproportionately on the hook in case of satellite failures (Defense News) The watchdog agency released a report Friday analyzing the risk incurred by the government on expensive satellite programs, finding that the contracts leave the financial burden upon government agencies in cases of failure.

Trudeau says national security not jeopardized in China takeover of Norsat (The Globe and Mail) Prime Minister attests Canada would not move forward with Norsat deal if security risks were present

Lockheed Martin Ventures Announces Investment in Terran Orbital (PRNewswire) Lockheed Martin Ventures is making a strategic investment in Terran...

KeyW Wins Aviation Collection Services Contract ( Awards further extend company's advanced ISR business

Classified satellite deal goes to Kratos (C4ISRNET) The contract, with the company's Modular System Division, is for what a Kratos news release only described as "U.S. national security-related customers."

Harris awarded NGA software contract (C4ISRNET) The software "will allow intelligence officials to provide more timely and accurate support to warfighters and the national security community," the company said.

Strategic Move by National Geospatial-Intelligence Agency - iHLS (iHLS) Harris Corporation has been awarded a five-year, $500 million ceiling, single-award IDIQ contract from the

Raytheon's Space and Airborne Systems Awarded $42.8M Deal ( Raytheon Company 's RTN Space and Airborne Systems Division has won a $42.8 million contract for production of Identification Friend-or-Foe (IFF) KIV-77 Mode 4/5 cryptographic appliqué computers. Per the terms, the work will be carried out at Largo, FL and is expected to be completed by June 8, 2022.

Lockheed Martin receives contract modification for UAE THAAD (UPI) Lockheed Martin Space Systems has received $18.9 million modification to an existing contract for the U.A.E.'s THAAD ground component systems.

Comtech wins Blue Force Tracking contract (C4ISRNET) Comtech will provide Aviation Satellite Communication Transceivers.

Iridium’s 'financial transformation' rests on $3B in satellites and a series of SpaceX launches (Washington Business Journal) The company will be able to offer a brand new suite of satellite services to its customers once its new satellites are in place.

Blue Origin coming to Huntsville: Spaceflight company created by Amazon's Jeff Bezos ( Blue Origin is an American privately funded aerospace manufacturer and spaceflight services company set up by founder Jeff Bezos with its headquarters in Kent, Washington.

German firm Hensoldt acquires UK radar maker (Defense News) The terms of the deal have not been made public, but Hensoldt said subject to regulatory approval it hoped to close the takeover by the end of September.

Pentagon revamps cyber weapons acquisition strategy (Defense Systems) The Pentagon has found that its traditional methods of designing and buying cyber weapons are ill suited for this fast-changing battlefield.

Small Business Grows Within DISA (SIGNAL Magazine) The very qualities that define small businesses—agility, flexibility, inherent innovation—are driving the Defense Information Systems Agency to increase its efforts to bring those capabilities under the big tent of defense network services.

Products, Services, and Solutions

NBN to double data limits for Sky Muster retail service providers (CRN Australia) New Sky Muster limits coming in October.

I Got a Sneak Peak How Northrop Grumman Integrates All of America’s Missile Defenses (The National Interest) The company does not built the hardware for America’s missiles defenses, rather it integrates all of the disparate pieces of the system together.  

Aircraft Systems Connectivity Has Never Been Riskier (iHLS) The increased scope and complexity of connectivity technology on aircrafts and in aviation infrastructure, such

PARIS: Horizon demonstrates FlyingFish for monitoring satellite phone signals ( Horizon Technologies is promoting its FlyingFish airborne satellite monitoring system for monitoring of satellite phone signals for humanitarian, search and rescue and law enforcement/anti-terrorism purposes. FlyingFish can be used to turn a wide range of aircraft into signals intelligence (SIGINT) collection platforms.

EchoStar Mobile and Thales Partner on Mobile Satellite Connectivity for Public Protection and Disaster Relief English (PRNewswire) Collaboration will focus on mobile satellite and terrestrial services for security forces and first responders in France and other European countries.

Lockheed's Thaad Production Was Quietly Halted for Four Months ( Production of Lockheed Martin Corp.’s Thaad -- the U.S. missile interceptor that’s spawned an international dispute with its deployment in South Korea -- was quietly halted for about four months last year because of a quality problem with a part.

Earth meets space as companies combine sensor data (C4ISRNET) Kratos and HawkEye 360 are teaming up to deliver orbital sensor services.

SpaceX will launch the US Air Force’s top secret X-37B spaceplane in August (TechCrunch) SpaceX has secured a contract to launch the uncrewed X-37B spaceplane, a secret military spacecraft created by the U.S. Air Force that's kind of like a..

Citing costs, US Air Force turns to SpaceX for its next spy plane launch (Ars Technica) “There are some very exciting things happening in commercial space.”

SpaceX launches 10 satellites from US Air Force base (C4ISRNET) A SpaceX rocket carried 10 communications satellites into orbit from California on Sunday, two days after the company successfully launched a satellite from Florida.

SpaceX chalks up successful launch, landing after two-day delay (CBS News) A SpaceX Falcon 9 rocket boosted a cargo ship into orbit Saturday for a two-day fight to the International Space Station

Watch Spacex Launch Its Second Rocket in 48 Hours (WIRED) If Friday's rocket livestream wasn’t enough for you, you’re in luck—this Sunday, SpaceX is set to launch its second Falcon 9 of the week.

Weather scrubs first SpaceX attempt to re-fly a Dragon [Updated] (Ars Technica) Flying the vehicle again would represent a significant milestone for SpaceX.

Watch SpaceX launch its first reused Dragon capsule to resupply the ISS (TechCrunch) Update: Today's launch was scrubbed due to bad weather. They'll try again on Saturday, June 3 at 5:07 PM EDT.

After nine launches in 2017, it’s tough to be an honest critic of SpaceX (Ars Technica) Can't fly often enough? Elon Musk is a government swindler? Hardly.

India set to launch heaviest satellite (Dawn) Scientists say rocket could be used in the future to carry an astronaut into space.

United Airlines to evaluate Inmarsat’s new connectivity solution on Boeing 767 jets (Aerospace Technology) Inmarsat and Cobham SATCOM have collaborated with United Airlines to evaluate its next-generation SwiftBroadband-Safety (SB-S) flight deck communications platform on four Boeing 767 aircraft.

Technologies, Techniques, and Standards

US Navy ballistic missile intercept test fails (Defense News) The U.S. Navy conducted a failed ballistic missile intercept Wednesday with its SM-3 Block IIA off the coast of Hawaii.

Report: Russia may have accidentally revealed new military satellites (Defense News) The Russian Defence Ministry posted photographs on their website that included information on the never-before-seen Repei satellites.

Army protects next generation navigation technology from cyber attacks (Defense Systems) Military leaders discussed the progress and urgency of pursuing cyber security readiness at AFCEA’s Army IT Day.

The Air Force conducts a collaborative effort to strengthen cyber operations (C4ISRNET) The very first Space Cyber Challenge was held at the National Security Agency Cyber Defense Exercise on May 22 in Linthicum Heights, MD.

Design and Innovation

The First Space-Based ‘Nation’ Wants to Store Data Off-Planet, Beyond the Law (Motherboard) 'Asgardia' plans to launch a data storage satellite beyond the reach of Earthly laws—an ambitious and problematic goal.

Research and Development

Equipment already in space can be adapted for extremely secure data encryption (Help Net Security) A satellite-based quantum-based encryption network would provide extremely secure data encryption, where the data is sent over long distances.

Pentagon upgrades assessment of ability to defend against ICBMs (Reuters) After a successful May test, the Pentagon has upgraded its assessment of its ability to defend the United States against incoming intercontinental ballistic missiles, like the ones North Korea is attempting to develop, according to a memo seen by Reuters on Wednesday.

Anti-missile test shows US can defend against N. Korean ICBMs, MDA chief says (Ars Technica) System designed to strike missiles outside the Earth's atmosphere.

US test of ICBM defense successful (Defense News) The U.S. Missile Defense Agency successfully intercepted an intercontinental ballistic missile target during a May 30, 2017, test of the nation's ballistic missile defense system. (Leah Garton/U.S. Missile Defense Agency)

Increasingly sophisticated test plans for US homeland missile defense system on horizon (Defense News) On the heels of a successful intercept test of its homeland missile defense system against an intercontinental ballistic missile target, Missile Defense Agency Director Vice Adm. Jim Syring detailed plans to continue to challenge the system to ensure it is ready to go up against threats from North Korea and Iran, not just now, but against what is anticipated in the future.

Legislation, Policy, and Regulation

Trump to sign executive order creating a national space council (Ars Technica) The council is needed to modernize the nation's approach to spaceflight.

Remarks by the President Signing an Executive Order on the National Space Council (The White House) Roosevelt Room 3:13 P.M. EDT THE PRESIDENT:  Thank you, very much.  You don't mind if I do that?  Get rid of it.  (Laughter.)  

North Korea says rejects new sanctions, to continue nuclear program (Reuters) North Korea "fully rejects" the latest U.N sanctions against its citizens and entities as a "hostile act" and will continue its nuclear weapons development without a delay, its foreign ministry spokesman said on Sunday.

Japan, U.S. to mull quicker missile defense upgrades, deployment of Aegis Ashore (The Japan Times) Japan will consider increasing the pace of upgrades to its ballistic missile defense system in cooperation with the United States as the allies race to meet...

Foreign minister says Seoul has no plan to reverse THAAD deployment (Yonhap News Agency) Yonhap news articles produced by building a network covering domestic supplies in various newspapers, broadcasting and government departments, major institutions, major corporations, media, K-Pop, K-Wave, Hallyu, Korean Wave, Korean pop, Korean pop culture, Korean culture, Korean idol, Korean movies, Internet media and international agreements of the Republic of Korea.

Mattis urges China to act on North Korea threat (Nikkei) US defense secretary calls for defeat of extremists in Iraq, Syria, Southeast Asia

North Korea a top priority, says new US ambassador to China (South China Morning Post) The new US ambassador to China has said that stopping the threat posed by North Korea will be a top priority, along with resolving the US-China trade imbalance, according to a video message to the Chinese people released on Monday....

Russia Calls North Korean Nuclear Ambitions 'Direct Threat' (VOA) Russia borders North Korea and saw one of Pyongyang's missiles land close to its waters, but it differs from US and its allies on how to rein in North's nuclear and ballistic missile program

The US Has Officially Blacklisted North Korea’s Tech And Defense Contractor (Motherboard) The US government just forbid any American citizen and company from dealing with North Korea’s unofficial tech department, but this will probably not change anything about North Korea’s internet.

House lawmakers want space-based missile defense strategy (Defense News) House lawmakers want the Pentagon to quickly produce a space-based missile defense strategy, according to the Armed Services Strategic Forces Subcommittee’s mark of the fiscal year 2018 defense authorization bill released this week.

House bill presses for plan to protect Hawaii against North Korea missiles (Washington Examiner) The bill would require a plan for the state's defense.

NATO might trigger Article 5 for certain cyberattacks (Defense News) NATO will not rule out invoking Article 5 of its charter should one or more member nations find themselves under a serious cyberattack.

NATO Could Go To War Over A Cyber Attack (The Daily Caller) The North Atlantic Treaty Organization would consider a large enough cyber attack against one member an attack on them all, according to NATO officials. A persistent and devastating attack could tr

NATO to beef up cyber capabilities (Defense News) The development of NATO defensive and offensive cyber weaponry is tasked to the Western alliance’s dedicated cyber unit, which forms part of NATO’s Supreme Headquarters Allied Powers Europe.

Improved information sharing key for NATO cyber ops (IHS Jane's) NATO does not yet need a cyber Command but requires better sharing of information among members in the near term, according to military commanders and organisation officials.

Russia escalates spy games after years of U.S. neglect (POLITICO) Lawmakers and intelligence officials say that the United States missed opportunities to crack down on Russian espionage efforts.

OMB tells agency leaders how to meet cyber executive order (Fifth Domain | Cyber) An Office of Budget and Management memo released in the wake of President Trump’s May 11 “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” executive order lays out deadlines and and implementation guidance on required agency cybersecurity reporting.

Time for an Aussie space agency? ( There are growing calls from founders and entrepreneurs for the Australian government to establish a centralised space agency to support the burgeoning local industry.

US lawmakers launch 'Space Corps' legislation (Defense News) A House Armed Services subpanel plans to create a new “Space Corps” within the U.S. Air Force so the military can better answer threats in space.

Air Force to Congress: No 'Space Corps' ( Rep. Mike Rogers, R-Ala., believes the Air Force is getting in its own way when it comes to advancing space operations.

The Air Force Is Getting a Space General (Motherboard) “We must organize and train forces to be able to prevail in any future conflict which could extend into space.”

Litigation, Investigation, and Law Enforcement

British hacker admits stealing satellite data from US Department of Defense (WeLiveSecurity) 25-year-old Sean Caffrey failed to properly cover his tracks, leading police officers to his door.

UK Hacker Pleads Guilty to Stealing US Satellite Data (Infosecurity Magazine) UK Hacker Pleads Guilty to Stealing US Satellite Data. Sean Caffrey admitted hacking DoD user account details

Compiled and published by the CyberWire editorial staff. Views and assertions in linked articles are those of the authors, not the CyberWire or Cosmic AES

Prior Issues

Cosmic AES - Experts in Space and Communications