Cybersecurity for International Space Station
A former NASA astronaut Pamela Melroy talked about the cybersecurity issues concerning space based infrastructure at the Aerospace Village within the DEFCON virtual security conference. She served as pilot on Space Shuttle missions STS-92 and STS-112 and commanded mission STS-120 before leaving the agency in August 2009.
The International Space Station (ISS) is a hub of computer systems, and various operations throughout the world entirely rely on that. But is this system completely safe?
Pamela answered this question in her talk. She said that a complacent attitude is prevalent in the ISS, which is the biggest threat. Other issues that were raised by her are discussed below.
Is the space secure?
Space based infrastructure is not particularly immune to attacks. They have the possibility of getting attacked as much as any other infrastructure has. The simplest type of attack is the DoS (Denial of Service) attacks. The attacker jams the signal, which turns the server down. This has become quite frequent when the space based signal is blocked. There is a risk that data transmission can be intercepted and manipulated by the attacker, but the extent of the issue is limited. Another type of attack might involve the control system’s misconfiguration, which can cause the satellite to overheat or even shut down.
ISS security
ISS does follow some protocols to ensure its data safety. All the communication of NASA controllers at Mission Control and ISS happens through a private network, operated by NASA. This control never goes to the open internet at any point.
Also, the process required to send commands from the ground to the International Space Station is quite rigorous. It ensures that the command does not do any inadvertent damage to the station.
Isolation in networks
The architecture of the ISS is distributed over different networks, and these networks remain isolated from one another. For station operations, a technology named PCS (Portable Computer Systems) is used, which are remote terminals designed to send commands to the station’s primary computing unit.
A LAN (Local Area Network) is also installed on the station, which supports limited internet access such as emails or social media platforms like twitter. Even though it has internet access, it is not directly connected to the public network.
The Johnson Space Centre has a proxy computer installed in Houston, Texas. This proxy computer acts as a medium between the ISS and the public internet. However, the networks that these computers operate on are completely isolated from each other.
Areas to be concerned
The security measures in the ISS are pretty assuring, but there are still some areas of concern.
Although the uplink and downlink to most satellites are encrypted, data-on-board satellites are not encrypted. Also, the ground-based control systems for satellites are vulnerable to IT attacks like any other IT enterprise. The complacency of the people working at these space stations could, however, pose a problem. It is a common misconception that the systems at ISS are secure, but this attitude leverages the attacker.
Melroy concluded the talk on an assurance note that they are going to figure out the cybersecurity concerns, from its implementation to its awareness, from the beginning.