Space Cyber Security Watch N°3 – 31 May 2021

1
267

PDF VERSION IS AVALAIBLE HERE

Find below the new Space Cyber Security Watch No 3. In this paper, you will find everything that has caught our attention since the last time : news, articles, papers, Space CTI, videos, webinars, events, attacks, podcats … This work is not exhaustive, so comments and observations are welcome.

Contents

Attacks on Space Systems

Articles

February 2021

  • (EN) Red Flag 21-1 integrates space, cyberspace for joint all-domain operations training – Red Flag 21-1 is an exercise with Space-unit participants including blue, red and white players from the United States Space Force, U.S. Army Space and Missile Defense Command, and allied nations combat air forces. During the exercise, they have employed “space electronic warfare capabilities that support full-spectrum national security objectives, along with offensive cyber capabilities across adversary data networks affecting that network’s ability to pass data or function properly”.

March 2021

  • (EN) Viasat Opens New Cyber Security Facilities in the UK – “Viasat‘s U.K. subsidiary opened a new Network Operations Center (NOC) and Cyber Security Operations Center (CSOC) in Aldershot, United Kingdom. The new facilities will support defense, government, and commercial organizations often targeted by increasingly sophisticated cyberattacks”.
  • (EN) SecDef briefed on military space programs, threats to satellites – “Defense Secretary last week received a detailed briefing on DoD space programs and national security threats in the space domain. This was his first high-level briefing on space issues since taking office”

April 2021

May 2021

  • (EN) CyberSatDigital Speakers: “Red-Teaming” Helps Industry Understand, Detect Evolving Threats – Red team exercises – or, simulated cyber attack scenarios run by internal IT groups and/or external third parties – can help satellite companies keep pace with constantly evolving cyberattacks, according to speakers on CyberSatDigital’s opening panel on Monday.
  • (EN) New Space Players Take Stock of Headline-Grabbing Security Breaches – Vice president of Corporate Engineering and Security for Planet, laid out the stark truth of cybersecurity threats during the CyberSat Digital event on Tuesday, May 11. New Space players on the panel took stock of cybersecurity threats in light of the ransomware attack on Colonial Pipeline, which has disrupted the gasoline supply on the East Coast
  • (EN) NASA OIG: NASA’s Cybersecurity Readiness – Given its high-profile mission and broad connectivity with the public, educational institutions, and outside research facilities, NASA presents cybercriminals a larger potential target than most government agencies.
  • (EN) SolarWinds hack ‘a big wakeup call,’ NASA’s human spaceflight chief says – NASA leaders know that the space agency, with its huge stores of advanced technical data, is an inviting target for hackers and therefore take significant measures to head them off
  • (EN) CyberInflight is now a proud member of the Space ISAC – In April 2021, CyberInflight became the first french company of Space ISAC.
  • (EN) CCSDS Security Working Group – Spring 2021 : CCSDS Spring 2021 Meetings has been hold remotely (17-18 May 2021) in a Virtual format at Huntsville Alabama (USA). Meeting materials can be found here.
  • (EN) The Space Force needs deterrence and war-winning capabilities – The USSF lacks key elements that are necessary to empower effective deterrence on orbit: sufficient offensive and defensive means to achieve its statutory functions as an armed force. Credible deterrence requires kinetic and non-kinetic capabilities, political will to use those systems, and the clear communication of a specified threat of force linked to a specific action (i.e., attack) that the U.S. wants to prevent. The armed forces behind the threat must be credible in the mind of the adversary.
  • (EN) Aerospace Cybersecurity Capture The Flag 2021 – During the 2021 RSA Conference, Aerospace Village hosted a Cybersecurity Capture The Flag (CTF). The objective of the Aerospace Cybersecurity CTF is to highlight current cybersecurity issues in the aerospace domain using a friendly competition and teaching environment. During the event, challenges and puzzles are solved and “flags” are retrieved. Congrats to the #AerospaceVillage CTF winner @mztropics. CTF platform is now closed.
  • (EN) Message from Steve Lee (AIAA) : If you missed the Embry Riddle Aerospace Cybersecurity Capture the Flag (CTF) at SCITECH 2021, or at the RSA Aerospace Village Sandbox on Monday, 17 May–or would like to explore it some more–the CTF is available online at the RSA Sandbox hosted by Aerospace Village. Check out the challenges and test your mad aerospace cybersecurity skillz! Sorry but now, CTF platform is now closed.
  • (EN) Biden Administration Likely Retaining Trump Doctrine on Cybersecurity in Space – Cybersecurity in space will remain a priority under the Biden administration. Great work from Jaisha Wray and Brian Scott and the crew from the National Space Council.
  • (EN) MoU Signed Between AIAA + Space ISAC For Collaboration On Space Cybersecurity Concerns – The American Institute of Aeronautics and Astronautics (AIAA) and the Space Information Sharing and Analysis Center (Space ISAC) have entered into a Memorandum of Agreement (MOU) enabling the two organizations to collaborate on aerospace and space cybersecurity endeavors.
  • (EN) AIAA and Space ISAC team up to defend space from cyber attack – The two organizations will cooperate to build the knowledge foundations of space cybersecurity. The Space ISAC brings cybersecurity situational awareness and operational excellence and AIAA offers its long history of convening and promoting aerospace expertise, knowledge, and leadership.
  • (EN) Germany affirms the creation of its Space Command under the responsibility of the Bundeswehr – Germany is following the trend to centralize its military space activities. By fall 2021, the German armed forces are set to establish a Space Command under the responsibility of the German Air Force (PDF – 27 pages – In German)
  • (EN) CYSAT ’21, a space cybersecurity conference – Full Keynotes and Presentations have been released in videos
  • (FR) La guerre de l’espace renforce l’activité du Centre spatial de Toulouse – Le campus du CNES à Toulouse va accueillir le nouveau commandement de l’espace qui opérera les moyens spatiaux de la défense nationale. Celui-ci réunira 400 personnes dans un bâtiment dédié en 2025, formées par le CNES. Sa création a favorisé aussi la venue du futur Centre d’excellence de l’Otan pour le domaine spatial.
  • (EN) Space Organizations Partner To Boost Cybersecurity – Two prominent aerospace industry groups are cooperating on cyber information sharing, awareness, education, and outreach to improve the security of space operations. The agreement between the American Institute of Aeronautics and Astronautics and the Space Information Sharing and Analysis Center comes at a time when recent cyber incidents in other industries have highlighted a deficit of info sharing.
  • (EN) JUST IN: Space Force Wants More Cyber Teams – The Space Force is in talks with Cyber Command and the Air Force to bring more specialized cyber personnel into the fold, said the deputy commander of Space Operations Command
  • (EN) The Space Platform Overlay – Have you heard about Space Platform Overlay ? Government programs and organizations have attempted to take portions of NIST governance documents and apply it to space systems. Space Platform Overlay takes the existing control sets (such as the CNSSI No. 1253 and the NIST 800-53 Rev. 5) and articulates what could be applicable to the spacecraft.
  • (EN) EUSPA, the new EU Agency for the Space Programme – The adoption of the Regulation establishing the new EU Space Programme on April 27 marks a new beginning for the EU Space Programme and for the European GNSS Agency (GSA), which has now officially evolved into EUSPA, with an expanded mandate and new responsibilities.
  • (EN) It’s official: EUSPA – EU Agency for the Space Programme is here (Video) – EUSPA provides safe and performant space services, enabling synergies, EU innovation, sustainability, and security. Under the EU Space Regulation, EUSPA’s mandate includes EU Space Programme security accreditation.
  • (EN) EUSPA: We are hiring – The Security Department is loooking for Security Risk Engineer, Service Facilities Security Engineer, Service Security Engineer

Papers

Videos

Webinars

  • (EN) June 16, 2021 : Space Resilience for Automakers – Space ISAC and the Center for Automotive Research (@cargroup) are putting on a webinar on Space Resilience for Automakers on 16 June at 12 MDT!
  • (EN) June 1, 2021 : Reducing Space Threats: A Resolution, Volume 2 – In response to UN Resolution 75/36, UN Member States and other key stakeholders were invited to submit their views on threats to space sustainability, what could be norms of behaviour, and how the multilateral community should move forward.

Past Events

  • (EN) May 25 – 28, 2021 : CyCon 2021, the 13th International Conference on Cyber Conflict – Adapting to the new reality, CyCon 2021 will provide a virtual meeting point for decision-makers, opinion-leaders, law and technology experts from the governments, military, academia and industry. CyCon is organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)
  • (EN) “Cyber, Space, Cubed” panel at the CyCon2021 – Erin M. Miller (Executive Director, Space ISAC) and Ryan Speelman (Principal director for the Cyber Security Subdivision at the Aerospace Corporation)  hold a session at CyCon 2021 for the “Cyber, Space, Cubed” panel.
  • (EN) James Pavur at the CyCon2021 – James Pavur hold a session by presenting his new paper “On Small Satellites, Big Rockets, and Cyber Trust”, as part of a panel NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)’s CyCon2021 conference. Definitely check it out if you’re interested in launch vehicle and CubeSat cyber security.

Upcoming Events

  • (EN) September 1 – 3, 2021 : Geopolitics and Global Futures Symposium 2021. The 2021 Geopolitics and Global Futures Symposium is now open for applications! Module 1 is about « The Future of Outer Space Security »
  • (EN) October 5 – 7, 2021 : CyberSatGov – To bring together the satellite community with the government and military markets to have a comprehensive, progressive discussion about cybersecurity.
  • (EN) October 19 – 21, 2021 : 11th IAASS conference : Managing Risk in Space – The 11th IAASS Conference “Managing Risk in Space”, organized in cooperation with the Japan Aerospace Exploration Agency (JAXA) is an invitation to reflect and exchange information on a number of space safety and sustainability topics of national and international interest.
  • (EN) October 25-29, 2021 : IAF’s IAC 21 in Dubaï – 72nd International Astronautical Congress 2021 (Dubai, United Arab Emirates) will have two security sessions :
    • D5 is 54th IAA Symposium on Safety, Quality and Knowledge Management in Space Activities (D5.4 will be more technical : Cybersecurity in space systems, risks and countermeasures)
    • E9 is IAF Symposium on Space Security (E9.2 is more strategic and legal focused : Cyber-based security threats to space missions – establishing the legal, institutional and collaborative framework to counteract them)
    • Papers have been selected and the program will be published shortly

This work is not exhaustive, so comments and observations are welcome.

1 COMMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.