Satellite Hacking: Where Cyberwar Meets Spacewar

Space: the new cyber crime frontier touches on some important, and quite reasonable, concerns about vulnerabilities in our space architecture such as space junk, general overcrowding, and so on. However, one concern (the sexiest one from a headline grabbing perspective of course) is a bit overblown:

Mark Roberts, who pioneered the introduction of cyber elements into the war games that the MoD runs, hypothesised a scenario in which hackers take control of one or multiple redundant satellites and use them to crash into more vital ones.

“There are lots of satellites in orbit at the moment that have been taken off line,” he explained. “They still have propulsion, they have the ability to be restarted. Somebody particularly nasty could hack one of these things and then start to manoeuvre it.”

Now, I would never say never when it comes to technical vulnerabilities but I will say that, having actually worked on satellite control systems a little, that this is not something that keeps me up at night. I touched on this last year:

In 2000 I was CEO of a wireless company that partnered with Lockheed-Martin to demonstrate a COTS solution for remote satellite control. In six weeks we did something nearly impossible. We used a wireless Palm VII PDA, hopped through commercial networks to NASA, and actually sent real-time commands to the WIRE spacecraft. We did this from Johnson Space Center’s Mission Control building but we could have done it from anywhere. Let me assure you that clearing the massive security hurdles for this project was no simple task. Our proposed architecture required input from engineers and executives at Palm Computing, AT&T, NASA, Lockheed-Martin, and one other agency that won’t be named. Not only was it secure, but the system was only live for a brief demonstration period before connections to commercial networks and the Internet were severed.

As I said in that piece there are vulnerabilities (and those are increasing) but I doubt anyone short of state sponsored hackers would have much chance to not only gain full control but to also successfully steer a compromised satellite into another “vital” craft. That is not only an immensely complicated operation but it is also beyond the maneuverability capabilities of most satellites. SIGINT vulnerabilities, space junk,overcrowding, and solar flares all pose more likely threats.

Tweet about this on TwitterShare on FacebookShare on TumblrShare on RedditShare on LinkedInDigg thisPrint this pageEmail this to someone

Will Drones Kill Without Human Intervention?

It is just a matter of time:

“Before they were blind, deaf and dumb,” Mark Maybury, chief scientist for the U.S. Air Force, told AFP. “Now we’re beginning to make them to see, hear and sense.”

Ronald Arkin, a professor at the Georgia Institute of Technology, believes that drones will soon be able to kill enemies on their own independently.

“It is not my belief that an unmanned system will be able to be perfectly ethical in the battlefield, but I am convinced that they can perform more ethically than human soldiers are capable of,” Arkin told AFP.

These stories make for great headlines and feed a lot of silly drone paranoia but I think they are essentially accurate. The killer drones of science fiction will become a reality but probably not on a massive scale and probably not soon.

I think the real story and ultimate benefit is in the development of greater drone autonomy in virtually every other (non-lethal) aspect of their operation. We are not terribly far off from being able to build drones and support systems that autonomously synthesize vast amounts of battlefield intelligence, self-launch, fly to potential targets, and notify human specialists of their intent or target opportunities. We are laying the groundwork for much of that right now. However, in most cases, it will still make sense to allow that human specialist final decision making authority at the execution phase even while the mechanics of flight, targeting, and firing can be fully handled by the drone itself.

When full offensive autonomy does come I think it could initially be in an air superiority role where it is easier to envision fully autonomous drones being turned loose for tasks such as enforcing no-fly zones. That is typically a less complex set of rules than say chasing down two guys with RPGs in the middle of Baghdad. Not easy – but easier. Either way, there are countless applications for this technology and many ways that these capabilities can be implemented short of the “fully autonomous killer drones” that are so effective at capturing imaginations and headlines.

Tweet about this on TwitterShare on FacebookShare on TumblrShare on RedditShare on LinkedInDigg thisPrint this pageEmail this to someone

Nada Bakos on the Threat of Loose Networks

Nada, a former CIA analyst, examines the recent attack in Libya and what it means for the future of US counterterrorism:

That said, watching for the evolution and alignment of these small, like-minded groups is important, but it is a problem that we, as a nation, understand. It was from relatively small-scale attacks against “soft” diplomatic targets in Iraq that Abu Mus’ab al-Zarqawi first made a name for himself and his loosely knitted network in jihadist circles. After joining al Qaeda in 2004, Zarqawi leveraged funding, personnel and the brand to galvanize support for his operations. Still, Zarqawi remained focused on engaging U.S. forces inside of Iraq, which at times did not align with al Qaeda’s central leadership strategy of executing attacks on US soil. Al Qaeda in the Islamic Maghreb (AQIM) has been rumored to have a possible role in the Benghazi attack. Even if AQIM played a role in the attack, the intelligence collection challenge remains in targeting small, loosely affiliated groups that act as the executioners with localized agendas.

This is great stuff and something I’ve been thinking about a lot lately. In some respects this recent explosion of violence seems to show al Qaeda increasingly taking on architectural characteristics of other loose network threats such as Anonymous and the Occupy Movement. It’s not like they are left with many options since organizational structure essentially equals death.

The hacker group Anonymous illustrates the threat posed by these networks perfectly. The upside is that, so far at least, these networks are generally less threatening than the model embodied by al Qaeda at its strongest. The real threat is in the unpredictability of their reach and action. With the benefit instant global communication they can recruit, coalesce, and strike with relatively little effort or central planning. It is also difficult to measure the number of sympathizers or people who self-identify as members. And of those, how many of them will resort to violence or some sort of disruptive action? Their distributed nature also allows them to stage attacks from nearly any spot on the globe or to strike many places at once. So, they aren’t an existential threat but they are quite difficult to pin down and they are capable of catching you off-guard quite quickly.

Despite the advantages inherent in loose networks there are limiting factors that work against them. One weakness inherent in all of these groups is their reliance on technical means for communication and coordination. Anonymous needs its IRC, Jihadists have their forums, and Occupy has its vast array of websites, twitter channels, and video feeds. All of these are deep wells of easily exploitable intelligence that will be leveraged by law enforcement and intelligence organizations to keep these groups in check. In the end the most unpredictable and potentially dangerous threat lies in those small cells of competent true-believers who are skilled enough to evade detection.

Tweet about this on TwitterShare on FacebookShare on TumblrShare on RedditShare on LinkedInDigg thisPrint this pageEmail this to someone