New Space Players Take Stock of Headline-Grabbing Security Breaches
“In information security, it is a matter of time before failure. Given enough time, all systems will fail.”
William Eshaugh, vice president of Corporate Engineering and Security for Planet, laid out the stark truth of cybersecurity threats during the CyberSat Digital event on Tuesday, May 11. New Space players on the panel took stock of cybersecurity threats in light of the ransomware attack on Colonial Pipeline, which has disrupted the gasoline supply on the East Coast.
While details of the Colonial Pipeline attack are still coming out, Eshaugh hypothesized that the company may have had what he calls an “eggshell defense” — a thick security exterior that, when penetrated by something as small as a pinprick, reveals a soft interior.
Eshaugh sees implications for New Space and other companies in this attack. One vulnerability he pointed to is taking for granted third party vendors that have excellent reputations. Eventually, even trusted vendors can be breached.
“[With] trusted third party vendors with sterling reputations, you can’t blindly turn off all your other defenses and say, ‘We bought the best, we’re okay,’” he said. “We have to exaggerate our efforts in defense in depth. It doesn’t matter where the component comes from, we should consider it untrusted and build systems around it to defend against when — not if — it fails.”
Marcus Tallhamn, vice president of Software Engineering for Spire Global, agrees that even the most reputable companies can have security problems, pointing to Microsoft Exchange server and SolarWinds hacks. He said that for Spire, the approach is to keep things simple both in terms of personnel and in terms of code. When organizations have more and more people, it opens more opportunity for an attack, and the same is true with code, he said.
“All code has bugs, and the less code that you have, the better. You need to keep the things that you’re building as simple and clean as possible, because then there’s less things to scan. You have less attack surface for people to exploit,” Tallhamn said.
Marc Bell, chairman and CEO of Terran Orbital, which owns PredaSAR and Tyvak, said his companies have moved to producing 85% of all code in-house, versus contracting out coding work. The company is working to bring 100% of code in-house in the next 36 months to eliminate risk from offshore vendors.
“By using outside vendors, you don’t know who touches the code and what they’re doing. We were spending more time and more money checking the work that others have done, it’s cheaper for us to just do it ourselves,” Bell said. “Our primary customer is the U.S. government, so we continue to make sure that everything is done onshore. It’s a challenge because there’s lots of programming talent around the world that’s spectacular, but we have to control our destiny by doing it ourselves.”
One advantage that New Space companies have is that they update their fleets much more frequently than traditional operators with large satellites in Geostationary Orbit (GEO), Bell said. Low-Earth Orbit (LEO) satellites can have software updates every generation.
But Eshaugh pointed to a security risk from LEO that is a growing concern in the satellite industry — the possibility of a LEO satellite being hacked and then used as an in-orbit weapon. As thousands of satellites are added to LEO, the possibility that any one of them could fall victim to an attack increases, Eshaugh warned
He suggested that satellites not be able to accept commands from anyone but the original operator, but with the caveat that strategy may not be enough.
“We have to have a sober view of what the potential consequences are,” Eshaugh said. “[We must] invest both in making the concepts, techniques, and approaches available, and even licensing organizations that authorize the operation of these systems should be guarding against these types of outcomes. Failure for any given operator could have tremendous ramifications for all other operators in the domain.”