Security News > 2021 > September > In space, no one can hear cyber security professionals scream

The Register spoke to HypaSec CEO, Chris Kubecka, who served in the US Air Force before transferring to Space Command, where she handled command and control systems, securing military and intelligence assets from nation-state attacks, and cyber security.

"In the UK too," he tells The Register, "Space integration has featured as an important element of the government's recent Integrated Review. Within an allied context, the Five Eyes coalition serves a similar purpose." The space domain awareness coalition based at Vandenberg Space Force Base monitors all space activity, whether accidental or deliberate, in order to pre-warn commercial vendors about space conjunctions.

According to Galasso: "Space systems are often overlooked in wider discussions of cyber threats to critical infrastructure." This requires a quantum leap towards taking space security seriously.

"All space systems, hardware, firmware and software components, should feature cyber hardened designs with risk-based, defence-in-depth cyber protections to detect and deter threats and vulnerabilities," Galasso insists.

A bottom-up process - utilising national space legislation like the Space Industry Act 2018 and using guidance from bodies like the UK's National Cyber Security Centre - is required to allow each state to develop a regime that best suits their respective national interests and may achieve global consistency in developing norms more quickly, Galasso insists.

In order to combat threats, whether from cyber criminals or state-sponsored attacks, as well as to protect infrastructure and sovereign integrity in space, we will need to see the same nationalistic cyber security endeavours that have been rolled out on Earth also implemented in orbit and beyond, Rudd says.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/09/02/in_space_no_security/