Welcome to the new 91 cyber warriors who joined us last week. 🥳 Each week, we'll be sharing insights from the Black Hat MEA community. Read exclusive interviews with industry experts and key findings from the #BHMEA23 keynote stage.
Keep up with our weekly newsletters on LinkedIn, Subscribe here.
Cybersecurity in space. 🌌
Because NASA just launched its first cybersecurity best practices guide for the space industry.
Yes. Over the last few years, worries have been growing about vulnerable satellite networks and space initiatives being hacked. And the implications of space hacks could be serious.
🛰️ Cyberattacks against space organisations could disrupt vital communications and space supply chains
🛰️ They could pose a threat to national security and global economies
🛰️ Space hacks could cause the injury or death of astronauts
🛰️They could stall or completely stop the progress of space exploration efforts
🛰️ They could interfere with satellite operations, causing real disruption both on Earth and in space
In August 2023, the FBI, along with the US National Counterintelligence and Security Center and the Air Force Office of Special Investigations warned that international intelligence bodies were launching hacking campaigns to infiltrate the American space industry.
And this isn’t unique to the US: space missions undertaken by other countries around the world could be at risk.
It’s a 57-page document that aims to enhance cybersecurity for future space missions. And not just NASA missions – it’s intended for use by all of the organisation’s international partners, and for the space industry as a whole.
It takes security guidelines set out in the American National Institute of Standards and Technology (NIST) Special Publication 800-53, a federal government standard for information systems security, and adapts them to be relevant and useful to space industry operators.
In the new document’s introduction, NASA describes it as:
“...a translation guide between NIST verbiage and NASA flight project parlance.”
The goal is that any kind of organisation, from a government space program to a private corporation or a research university, should be able to understand and implement NASA’s security guidelines when they embark on a space project.
And within the guidance, NASA urges all public and private sector organisations involved in space activities to establish continuous mission security risk analysis protocols, as well as define clear risk response operations – in order to identify and mitigate security risks efficiently.
Misty Finical (Deputy Principal Advisor for Enterprise Protection at NASA) said in a statement:
“This guide represents a collective effort to establish a set of principles that will enable us to identify and mitigate risks and ensure continued success of our missions, both in Earth’s orbit and beyond.”
The information systems and operational tech involved in space travel are becoming more complex, more integrated, and more interconnected. And as NASA itself points out, this brings significant benefits for communication and data collection in space – but it also brings new vulnerabilities, and a larger threat landscape.
These new guidelines are a step towards adapting to those vulnerabilities. The space industry needs connected technologies – but it needs to use those technologies safely.
What do you think of the new NASA guidelines?
1. Comprehensive and effective best practices – they’ll make a big difference vote
2. A solid step towards collaborative cybersecurity for the space industry vote
3. A promising sign that space security will improve – but there’s a long way to go vote
Cross-border collaboration is good for cybersecurity in any industry. But this becomes even more pressing in space – when the borders aren’t just between countries, but also between worlds.
And these new guidelines highlight the fact that NASA knows this. Security guidelines are being shared freely and widely because it’s essential for space industry organisations to cooperate – in order to improve space security and resilience overall.
us a message and share your thoughts. Our next newsletter is scheduled for 10 January 2023.
Catch you next week,
Steve Durning
Exhibition Director
Join us at Black Hat MEA 2024 to grow your network, expand your knowledge, and build your business.
Join the newsletter to receive the latest updates in your inbox.
Two experts explain why the future is passwordless.
Read MoreHow threat actors are turning AI against itself.
Read More