By Brad D. WIlliams,
Published by Breaking Defense, 16 August 2021
WASHINGTON: A space race is afoot, and in this brave new interstellar world, experts say concerns remain about the cybersecurity and resiliency — or lack thereof — for constellations of space-based assets and the global networks they enable. And with global investment in space exploding, the issue is not going away anytime soon.
“I’ve seen change over the past four years like I haven’t seen over the past 36 years,” Kevin Bell, senior vice president of the Space Systems Group at The Aerospace Corporation and a former Air Force pilot, said last week at an event organized by Booz Allen Hamilton.
Space-based systems proliferation is being driven, as well as enabled, by new tech, ranging from ships and satellites to 5G. The US military will rely on space assets as nodes in global networks to enable its Joint Warfighting Concept and All Domain Operations. In addition to defense and intelligence applications, space increasingly factors into vast swaths of global economies — shaping sectors ranging from transportation to agriculture — in turn making space progressively more of an economic security issue.
The increasing interest in space — once the limited domain of nation-states — is growing to include burgeoning commercial sectors in countries like the US and South Korea. Two billionaires made news last month for their trips to space on commercial ships, and some companies have already sent commercial ships to the International Space Station. Several companies are reportedly exploring space tourism, including one entity that recently announced the first space hotel will open in 2027. Rising commercial ventures into space will complicate military and intelligence space operations.
The space rush will result in tens of thousands of new assets launched within the decade, many running 5G, which will create a “truly enormous” cyber attack surface, said Sam Visner, a technical fellow at the MITRE Corporation and former associate at the Space Information Sharing and Analysis Center, which focuses on cybersecurity of space networks and assets.
In the past, governments were the sole owners and operators of space assets and networks. And while those proved to be “robust systems,” Visner said, many still orbiting earth were largely designed, developed, and tested in an age that “predated cyber threats.”
Those legacy assets, which are nodes in space-based and space-to-terrestrial communications, serve as potential network entry points, much as endpoints (e.g., devices, servers, etc.) do in traditional IT networks. Given enough time and resources, as well as the right capabilities and the proper environment, adversaries could start network compromises by targeting space assets.
Kevin Coggins, a vice president at Booz Allen Hamilton, highlighted the issue: “The architectures of government systems are inherently trusting,” he observed. “If we continue to have these open, trusted links, we’re going to be constantly fighting [the] next threat.”
Coggins suggested the space industry look at ways of implementing zero-trust architectures the same way this security model is being deployed in traditional, terrestrial IT networks. Visner agreed and said the US has to look at bringing zero-trust architectures to space-enabled networks. Zero-trust models rest on a foundational principle of identifying and authenticating every user and every node per every connection on a network — and denying access by default.
Visner said this is where artificial intelligence and machine learning could help in the future. “AI can be used to detect anomalous behavior in networks,” he observed, in turn allowing adjustments to defenses and networks “dynamically.”
“AI can do all of that and more,” but he cautioned, “This will get harder to do as networks grow.”
Another challenge is the “highly commoditized” and globalized space supply chain, which limits US visibility and control, Visner said. His comment echoes a recent congressional report issued by the Defense Critical Supply Chain Task Force, which also highlighted limited supply chain visibility as a major challenge for the DoD and defense industrial base.
The panel’s wide-ranging discussion also touched on DoD space-related acquisition reform, the prospect of pushing more compute power to the edge, and the role of US allies and partners in bolstering space defense.
“Space is in everything, and we are getting more and more dependent on space,” Coggins said. Resiliency and cybersecurity in space, he said, directly tie into the many economic and national security benefits space-based systems support.
See: Original Article