The past year has brought reports that unauthorized signals had been sent to a pair of NASA Earth observation satellites and, more recently, that a group based in China had hacked into the computer networks of numerous U.S. companies, including those involved in the satellite business.
Meanwhile, U.S. military and other government officials have been warning that their computer networks are under constant attack. At a time when the Department of Defense (DoD) is cutting back almost all of its activities, U.S. Air Force Space Command, which is responsible for cyberoperations, is dramatically expanding its workforce at bases responsible for that activity.
But protecting against the threat requires more than just manpower; it requires a different way of thinking, says Riley Repko, a retired Air Force officer and former civilian adviser to the service on cyberoperations. U.S. military thinking often is compartmentalized and driven by lengthy program development cycles, which he says are liabilities in the face of a threat that is ubiquitous, collaborative and evolving at the pace of technology.
The U.S. military does a good job of protecting its networks, said Repko, who in addition to running a consultancy is a senior fellow in cybersecurity with Virginia Tech. But every network is only as strong as its weakest link, and this often can be found in outside organizations with which the military does business.
Repko spoke recently with SpaceNews Editor Warren Ferster.
How vulnerable are military space networks to cyberattack?
The issue is nearly every conceivable component within DoD is networked and space systems are no different. In fact, I feel they epitomize the value of data being properly managed and soundly secure. These networked systems and components are inextricably linked to the department’s ability to project military force and the associated mission assurance. Yet these networks are built on inherently insecure architectures that are increasingly using foreign parts embedded in our systems. While DoD takes great care to secure the use and operation of the hardware of its weapon and satellite systems, the same level of resource and attention is not spent on the complex network of information technology (IT) systems that are used to support and operate these weapons or critical IT capabilities embedded within them. DoD’s dependence on this vulnerable technology is virtually a very clear target to the very clever community of hacker adversaries.
We’ve heard a lot of talk that the biggest problem is the theft of intellectual property.
DoD and its contractor base have already sustained staggering losses of system design information incorporating decades of combat knowledge and experience that provide adversaries insight to where we are today … virtually leapfrogging our investment for their own benefit. This is a real challenge as stealing intellectual property is big business and severely hurts our innovative base, much of it residing with small and mid-sized innovative technology businesses and academia.
What are the specific threats to satellite networks?
There are a variety of threats against satellites, particularly uplink jamming, command and control jamming, and command and control exploitation or usurpation. The first two represent the largest threat surface for satellites. All satellites could be vulnerable to command and control exploitation or usurpation — while this is perhaps the most effective attack in the long run, it’s also the most difficult to execute. Satellite control networks are typically operated on closed networks that do not connect to the Internet. Finally, the insider threat is always a major concern from a cybersecurity perspective, especially at the operator level.
How plausible is a scenario in which a U.S. military or civil-government satellite system |is taken over or rendered inoperable by a cyberattack?
It’s certainly possible, but in general it would be more likely that such adversaries would jam links rather than seek to take control of the satellites. Satellite control is provided by operators through the virtual private networks. Commands are uploaded to the satellites on encrypted links. The links are certainly vulnerable to jamming but most satellites have alternative frequencies to provide connectivity to the spacecraft. If the command links are interrupted, most satellites are able to operate independently for days or weeks at a time.
Is there such thing as a closed-loop network or do all networks have some level of exposure to cyberthreats?
There are plenty of purely isolated DoD networks that are air-gapped from the Internet, and are therefore relatively immune to traditional Internet-based cyberattacks. The JWICS [Joint Worldwide Intelligence Communications System] is an example. However, many of these networks use the same fiber-optic infrastructure as the Internet or are tunneled across links of the Internet, so major Internet outages could cause outages to portions of these networks.
Some of the Pentagon’s space-related networks, such as the one that runs the Joint Space Operations Center, rely on badly |outdated computing infrastructure. Is that a liability from a cybersecurity point of view?
There are a number of viewpoints on this topic. Older hardware and software have pros and cons when it comes to resiliency against cyberattacks. In particular, older software is much less complex, and therefore is less likely to contain implementation flaws that would allow for its exploitation. However, newer, more complex software is able to take advantage of more intelligence that enables resilience under attack. The key liability would come from the infrastructure’s inability to leverage newer adaptation algorithms that would provide some resilience to an attack.
Can computer network modernization programs introduce new vulnerabilities to cyberattack?
Of course. Any new technology achieves functionality before it achieves security. New technologies offer new attack vectors that were not present in older technologies. However, newer technologies also introduce new ways of coping with such exploitation. There is no such thing as perfect security as advances in technology will always outpace our ability to effectively secure our networks from attackers.
Does the adoption of Internet Protocol technology for space programs raise the risk of computer attack?
Internet Protocol means that systems are now addressable on the network, which can potentially increase an adversary’s ability to access them using common protocols. However, as long as the systems have the appropriate safeguards, they may not be any more exploitable.
Are networks that integrate commercial off-the-shelf (COTS) software products more vulnerable than those that run on proprietary software systems?
Security through obscurity has been the mantra for use of proprietary systems. This generally provides some level of security against the broad hacker community, but provides no additional security against nation-state-level adversaries who have the financial resources to obtain and reverse engineer target systems. COTS products have the advantage of much wider deployments that generally reveal security vulnerabilities much more quickly because there are many more eyes looking at the product.
You’ve said cyberhackers look for the weakest link to break into computer networks. When it comes to government space networks, where might hackers look for the weakest link?
The weakest points are generally at the edges, not the core, and the space networks represent the strategic core. Attackers would generally have more luck attacking the end point devices.
Can you be more specific?
End points can be anything — tactical radios, cellphones, even desktop computers in the Pentagon. A typical military scenario involves a communications satellite link to a terrestrial network, which could be distributed using wired Ethernet to desktop computers, or could be connected to a cell base station providing service to smartphones and tablets. In terms of command and control usurpation, these devices are much more vulnerable than the satellite infrastructure. Satellite end user devices have very similar vulnerabilities as other networked devices using terrestrial systems.
Are there cultural issues in the Air Force that get in the way of efforts to improve cybersecurity?
The military in general has a procurement timeline of 10 to 30 years for major strategic systems. This can cause major problems in an environment where the technology is changing every month; I like to say, “This technology depreciates like a head of lettuce.” Having the advanced awareness of the capabilities and capacities sought in cybersecurity will require many of what I call the 18th century, silo-driven thinkers to think much differently. Collaboration will be paramount to finding new, nontraditional and innovative insights and solutions, independent of the classification issues. These can always be worked.
What, in general, can the government do to prepare itself against cyberthreats that it cannot see?
The best defense against the unknown cyberthreat is intelligence. We cannot build a firewall to protect against an unknown threat; however, if we have intelligence analysts tracking the bad cyberactors across the globe, understanding the types of attacks they are employing, and the targets against which they seek to employ them, we can get out in front of the threat. It comes down to leveraging signals intelligence, human intelligence and other resources to understand what the credible cyberthreats are against the United States and ensuring we know about the attacks before they happen.