Categories
Space Bits

ESA practices (Cyber)security

Considering the context, I highly doubt the contrary could be announced but nevertheless, some bits on cybersecurity at ESA are detailed in this ESA’s publications “ESA practices security” from November 2019.

This general publication perfectly introduces what was discussed at Space19+.

September 30, 2019:

A presentation from ESA on Cyber Resilience from “ESA Cyber Resilience Team” gives us hints on what is ahead for ESA :

December 13, 2019 :

RHEA, has operations at ESA European Space Security Centre (ESEC) in Redu, Belgium (mentioned in the publication) and few news about it :

A New Leading Cybersecurity Operations Center for Space in Europe. Not much said apart from the fact that this CYCS is blending a Cyber range / training center too. In case you were wondering how much could cost a “Cybersecurity Operational Center” (definition required at it looks to be more than a Security Operations Center), the answer is around €37 million. €14 million from Belgium, €10 million from RHEA. More than the previous source.

Categories
Space Bits

Fall (partial) press review

Actualy this is a very limited press review but I have noted some articles, mainly articles from November 2019 Via Satellite issue published before or after 2019’s Cybersat Summit, all related to Access Intelligence LLC (yeah, that one was easy to find):

The Growing Risk of a Major Satellite Cyber Attack (November, 2019) : comments on Vulnerabilities (Satellite network, supply chain), Small satellites (ground stations and Open Source software- COTS perceived as threats). Vulenrabilities may come from absence of Security Maintenance, weak encryption and old it equipment, few words on Newspace

Different Industries Face Divergent Cyber Challenges (November 15, 2019)

Satellite Providers Stymied by Lack of Cyber Standards (November 14, 2019)

Three trends we see everywhere have also impacts on our cyber posture when it comes to space systems :

–          Blockchain : Blockchain: The Next Big Disruptor in Space

–          SDN Sat : The Software-Defined Future of Satellites

–          IA : Space 2.0: Taking AI Far Out (December, 2019)

Categories
Space Bits

LoRaWAN Security

Bits on LoRaWAN Security:

LoRa Security – Building a Secure LoRa Security by Robert Miller

Security Review of LoRaWan networks by Renaud Lifchitz .

Renaud est intervenu pour la COMET du 18/09/2018 : Space’s Industrial Control Systems Security 2nd Edition : IoT Devices Vulnerabilities : Aeronautics and aerospace security.

Categories
Space Bits

Les mutations de la guerre (thread Twitter)- Université d’été de la défense

Categories
Space Bits

AIAA is looking for a Program Manager, Aerospace Cybersecurity

AIAA has a listing in its current openings for a Program Manager, Aerospace Cybersecurity. Job description is in this pdf.

Categories
Space Bits

MITRE joins Space ISAC

From a MITRE’s news:

spaceisac

The Space Information Sharing and Analysis Center (ISAC) and National Cybersecurity Center announced on Aug. 26 that MITRE will become the Space ISAC’s newest founding member, joining Kratos Defense & Security Solutions and Booz Allen Hamilton. Scott Kordella, MITRE’s executive director for space, will serve on the Space ISAC board of directors.
The Space ISAC aims to “facilitate collaboration across the global space industry to enhance our ability to prepare for and respond to vulnerabilities, incidents, and threats; to disseminate timely and actionable information among member firms; and to serve as the primary communications channel for the sector with respect to this information,” according to an Aug. 26 press release.

MITRE is known in cybersecurity for many publications and tools among them the not-aging Ten Strategies of a World-Class Cybersecurity Operations Center (pdf, I have seen discussed in some space cybersecurity workshops) and the ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) project.

Space ISAC has a website and a Twitter account.

More on Dark Reading.

Categories
Space Bits

Has a (cyber-)crime been committed on the ISS ?

Not strictly space cybersecurity related but it could be the first identity theft case seen in space (if confirmed): an astronaut may have fraudulently accessed a bank account from an ISS’ computer.

Issues like juridiction, forensics and legal use of NASA’s assets are dealt with in few articles:

Categories
Space Bits

2019 Challenges to Security in Space

U.S. Defense Intelligence Agency has released in February 2019 a report on challenges to U.S. Security in Space (newsreport in pdf).

Categories
Space Bits

French national intelligence strategy

La Stratégie Nationale du Renseignement (SNR) constitue la feuille de route de Renseignement. Elle en décrit à la fois les enjeux prioritaires, les objectifs qui sont poursuivis et les adaptations qui doivent en découler en termes d’organisation.

This document (fr – pdf) published by SGDSN in july 2019 contains a brief chapter on cybersecurity threats. The development of space communications is mentioned as one of the requirements to permanently adapt intelligence capacities and to better disseminate intelligence amongst services.

Categories
Space Bits

NASA OIG report on JPL’s Cybersecurity

Jet Propulsion Laboratory made the news following the publication of a recent NASA Office of Inspector General report Cybersecurity Management and Oversight at the Jet Propulsion Laboratory (published 18 june 2019 – pdf).

Especially, a raspberry pi used in a exfiltration attack was mentionned (Endgadget: A rogue Raspberry Pi helped hackers access NASA JPL systems).