Space & Cybersecurity Newsletter - May 2021
WORKFORCE DEVELOPMENT
Space Force tells troops to focus on digital skills
On May 6, 2021, the U.S. Space Force released its “Vision for Digital Service” that states the service’s need for people who are digitally minded and technologically savvy. The Space Force also wants its members to learn programming languages and machine learning and data analysis skills to maintain a small, agile, and highly skilled force. To implement this vision, it has created coding boot camps where operators learn to write software for applications in space traffic control, satellite operations, and space data analysis.
Civilian Cyber Reserve Program Proposed
The Civilian Cyber Security Reserve Act would create a pilot program that would provide the departments of Defense and Homeland Security with additional skilled personnel during large-scale cyber threats. It would be made up of former federal government and military personnel who would operate as temporary civil service employees. Scott Shackelford, chair of Indiana University's cybersecurity program, notes: "The notion of a civilian reserve corps that could be called upon in the event of a major cyberattack is one that has been circulating for some time. In fact, Estonia founded a similar Cyber Defense League years ago. Similarly, the National Guard has been building out its cyber defense capabilities … In my opinion, this is a stop-gap measure at best, though one that could help make a positive difference." To learn more about the National Guard’s efforts, click here.
Space Command to launch Joint Cyber Center
The unified combatant command overseeing the military’s joint operations in space is working to set up a Joint Cyber Center. U.S. military branches are directing resources to the cyber center, which will look to ensure the cybersecurity of satellites and space-based communications. The joint center will serve as a key part in the integration of cyber efforts across branches of the military by acting as the central unit between other cyber-focused commands such as U.S. Cyber Command.
JUST IN: Space Force Wants More Cyber Teams
The Space Force is in talks with Cyber Command and the Air Force to bring more specialized cyber personnel into its organization. Maj. Gen. DeAnna Burt, commander of Combined Force Space Component Command, said she expects cyber protection teams unique to the Space Force to be in place in three to five years. Maj. Gen. Burt discussed a desire to achieve "digital superiority" in cybersecurity to best defend U.S. systems.
INTERNATIONAL EFFORTS
There is ongoing chatter regarding military use of space by various nations. The freshly established U.S. Space Force, for instance, is busily shaping how best to protect U.S. and allied interests in the increasingly contested and congested space domain. The term "warfare in space" could entail things that are already taking place, such as jamming satellite communications, laser dazzling of photo-snapping satellites, hacking systems to selectively block or eavesdrop on phone or data streams, and probing systems to see if they can be hacked. These actions could potentially lead to escalation risks as they are more widely and commonly practiced and as adversaries develop reciprocal capabilities.
The Cybersecurity 202: Biden administration issues executive order in wake of pipeline attack
The Biden administration issued the “Executive Order on Improving the Nation’s Cybersecurity” on May 12, 2021, in response to the Russian SolarWinds hacking campaign. The directive outlines several measures to strengthen federal cybersecurity, including instilling more rigorous security requirements for software providers that contract with the federal government, improving reporting practices for cybersecurity incidents, and requiring federal agencies to adopt better security practices. The Department of Homeland Security will help enforce the order by establishing a Cyber Safety Review Board. "We saw how not patching your network led to three block lines for getting gas in Virginia this morning," she added, in reference to the Colonial Pipeline hack. Sen. Mark Warner (D-Va.), chairman of the Senate Select Committee on Intelligence says, “This executive order is a good first step, but executive orders can only go so far. Congress is going to have to step up and do more to address our cyber vulnerabilities…”
Biden Administration Likely Retaining Trump Doctrine on Cybersecurity in Space
On May 1 the Biden administration announced plans to retain the National Space Council—which President Donald Trump reinstated—under the chairmanship of Vice President Kamala Harris, who has said her foreign policy work will include cybersecurity and technology. The administration has not yet identified the members of the council. Within the government, there is uncertainty about which agency should be specifically designated to oversee cybersecurity in space. Brian Scott, director of critical infrastructure cybersecurity for the National Security Council says, on the topic of the Trump administration’s space and cyber policy: “Space Policy Directive 5, SPD 5, cybersecurity for space systems issued last September, outlines key cybersecurity principles to guide and continues to serve as the foundation for the U.S. approach to the cyber protection of space systems.” Relevant officials recommend cybersecurity at all stages of the satellite life cycle and encryption of all satellite links, regardless of data classification.
SPACE & CYBER SYSTEMS
NASA’S CYBERSECURITY READINESS
Following an audit of NASA’s information technology (IT), it was discovered that “NASA's ability to prevent, detect, and mitigate cyber-attacks is limited by a disorganized approach to Enterprise Architecture.” Noting other inconsistencies with their decentralized cybersecurity practices, NASA plans to “enter into a new Cybersecurity and Privacy Enterprise Solutions and Services.” The recommendations in the audit recommend that there is an integration of Nasa’s Enterprise Architecture and Enterprise Security Architecture and greater collaboration when it comes to cybersecurity. For a more in-depth summary, click here.
CISA Creates Working Group to Secure Space Systems Infrastructure; Brandon Wales Quoted
CISA’s newest working group will be “dedicated to the protection of space systems that contribute to the U.S. critical infrastructure.” The Space Systems Critical Infrastructure Working Group will foster industry and government collaboration in their efforts to identify “services and products that boost the security of commercial space systems.” Brandon Wales, acting director of CISA, notes that this will be fundamental in tackling the threats we face in the cyber and space landscape.
Deepfake satellite imagery poses a not-so-distant threat, warn geographers
AI-generated satellite imagery has the potential to pose a national security threat, as adversaries may utilize this tactic to mislead other countries in their military and intelligence efforts. Awareness of this topic is critical for the sake of keeping geographers alert. Manipulating maps and geography is not a new phenomenon, but combining it with modern-day AI and satellite technology magnifies the risks.
STRATCOM Head Tells Hill He’s ‘Confident’ In NC3 Cybersecurity
Adm. Charles Richard stated that STRATCOM “is already ’taking actions to enhance cyber resiliency for systems under development.’” This enhancement includes modernizing information technology that is nearly 40 years old. This modernization includes systems used in satellites, nuclear submarines, the E-4B “Doomsday” aircraft, and the B-52 bomber.
INDUSTRY EFFORTS
US ‘Will Fail’ If Space Acquisition Doesn’t Reform: CSPC
Acquisition reform will be vital for the success of the US Space Force and for the US to hold its competitive edge over Russia and China. To avoid repeating previous acquisition processes, CSPS recommends that the DOD shifts “‘away from being the launch customer’” to becoming “‘one among several space access customers.’” The report, “Maintaining Momentum In National Security Space,” recommends that the current administration continues the momentum of the US Space Force, treating space as a “complete ecosystem, and the development of a “multilateral rules-based order” for activities in space.
The Space Policy Show: Challenges of the US Space Industrial Base
The Aerospace Corporation's episode on “Challenges of the US Space Industrial Base” focused on private-sector efforts in space. Jonathan Pellish, a NASA Electronic Parts Manager, highlights the importance of developing standards surrounding the integration of commercial products into US government space systems. Brian Gabriel with the Office of Industrial Policy in the Office of the Undersecretary of Defense notes that the focus on national security concerns across the private industries’ efforts, including sub-tier suppliers, is vital in the acquisition process. To watch the entire episode, click here.
EVENTS
The California Cybersecurity Institute’s 2021 California Cyber Innovation Challenge will focus on “Gamification & Esports for Space and Cybersecurity Skills Development.” The event will highlight the convergence of space and cybersecurity and Digital Forensics. The CCIC will be held October 1-3, 2021.
Following the success of the 2020 Hack-A-Sat at DEFCON, the 2021 Hack-A-Sat 2 will be jointly presented by the US Space Force and US Air Force. Registration closes June 27th, and the 30-Hour Virtual Qualification Round will start June 26th with ten $10k prizes on the table. The 48-Hour Virtual Final Hack-A-Sat 2 Capture the Flag event will start September 17th, with the 1st place winner receiving $50k.
The MilSat Symposium focusing on “Next-Generation Space Defense” will be held June 1-3, 2021. To register, click here.
THANK YOU
Thank you for coming to us here at the CCI for your space and cyber-related news. We welcome any feedback you may have. We will see you next month, and don’t forget to keep up on your own cyber hygiene.
Until next time,
The CCI Team
Contact us at:
cci@calpoly.edu