Artist’s rendering of WGS-11+

News

SSC Cyber Expo Touts Innovative Technology, Partnerships to Combat the Threat

  • Published
  • By isa Sodders, SSC Public Affairs
EL SEGUNDO, Calif. --  Harnessing innovative technology, hardening cyber systems, increasing the cybersecurity workforce and partnerships with allies and commercial industry partners are key to countering the threats from China and Russia, experts said at Space Systems Command’s 3rd annual Cyber Expo, April 23-24 on the Los Angeles Air Force Base.
 
In her welcome remarks to an audience of more than 300 cyber professionals, Joy White, SSC’s executive director, encouraged participants to ponder three questions during the two day event: 1) With the renewed emphasis on commercial solutions, how can SSC ensure that space industry partners’ systems can withstand cyber threats; 2) How can cyber experts speed the acquisition process while continuing to deliver cyber protection; and 3) How can the command better serve the cyber workforce in order to achieve success?
 
“Your answers to these questions are critical, because the threat is moving at light speed,” White said. “Our pacing challengers have shown both the capability and the intent to contest U.S. and allied forces in, from, and through space.”
 
Since December 2023, there have been six significant cyber-attacks conducted by Russia – including one attack on Ukraine’s largest mobile phone provider, disabling access to 24 million customers, and another attack that targeted residential web cams in Kiev to gather information on the city’s air defense systems before launching a missile attack, White said.
 
Russians also stole 2.5 million documents in an attack on 65 Australian government departments, the country’s largest government cyber-attack, White added. Russians also launched a cyber-attack against Sweden’s only digital service provider for government services just as Sweden was preparing to join NATO.
 
Chinese hackers have targeted Guyana government agencies, at least 24 Cambodian government networks, Philippines government networks, and Dutch military networks, White said.
 
“Our adversaries continue to refine and practice their cyber-attack methods with the clear intent to disrupt our national ground and space systems,” White said.
 
Richard Yu, director of the Digital Superiority Directorate for the U.S. Space Command, in his keynote speech on April 24, described Russia’s and China’s space activities and noted that the average age of Chinese space-based capabilities was four years old – compared to more than 40 years for the United States.
 
“Imagine, if you will, cyber and space – we’re racing a four-year-old car with a 40-year-old car,” Yu said. “It takes the whole of us, to be better.”
 
“This is a team sport,” Yu said. “We can’t do this without you or others on this list. This is a whole-of-government, this is about our allies, everywhere, and this is about industry partners and academia, to provide innovation that we need to overcome the threat vectors.”
 
Col. Craig Frank, director of SSC’s Chief Information Office (CIO), also stressed the importance of partnerships and said workforce retention – in addition to workforce development – is a critical component.
 
“We want to make sure that we develop those cybersecurity professionals, those IT professionals and keep them around,” Frank said, adding that it does no good to train people if they leave after a few years for higher-paying jobs in the private sector. “Or at least we keep them on contract!”
Frank said he believes it’s critical for SSC to have as much data in the Cloud as possible in order to keep the data secure, but still operationally accessible.
 
“It’s the connections between our unclassified networks and our partner networks that are really killing us,” Frank said. “That’s where stuff is getting stolen and getting up and (exfiltrated.)”
“We’ve got to get out of this mindset that Hollywood has put us in, of a 12-year-old sitting at a laptop, breaking into an NSA super computer and getting the plans to the Death Star,” Frank said. “Get it in the Cloud, where we can keep it secure and where we can also recover it.”
“The enemy is not smarter than us,” Frank said. “But cyber is an offender’s game. Cybersecurity is like, you’re the commander of a security forces detachment, and you have to secure the base. The base has 65,535 gates. Some of those gates, like Gate No. 80 and 443 you have to leave wide open, for everybody to go in and out; others like Gate 23 you keep locked all the time; Gate 22 you leave open, but you have to go through high security to check in; and Gate 3389, not only is it locked and barricaded, but we have an infantry platoon and two tanks guarding it.”
 
“But the problem is, the enemy can attack at any time, through anyone of those 65,535 gates, at a time of their choosing, at a place of their choosing,” Frank added. “And we have to secure them all, while letting normal people go in and out, without any issues. That’s what makes cyber so hard. And – unlike us - our enemy is not held to any standards or laws.”
 
“The cavalry is not coming,” added Lt. Col. Brian Mihalko, chief of staff for SSC’s CIO, noting that there are more than 700,000 vacant cybersecurity positions in the United States. “This is a fight for engineers and acquirers as well. As you are building weapon systems, as we are working through our acquisition processes, we need to put that cybersecurity hat on. If there’s training, take it. If there’s guidebooks, use them. Because this fight is going to take everyone: it’s guerilla warfare.”
 
White listed numerous things SSC is doing to combat the threat: reoptimizing for Great Power Competition, investing in cybersecurity, building a digital ecosystem that supports data-as-a-service platforms, digital requests for proposals, digital twins and model-based systems engineering and looking for opportunities to leverage machine learning, AI and quantum computing to maintain technological superiority.
 
“Our CIO team is critically engaged,” White said. “Their collaboration with CROWS (Cyber Resiliency Office for Weapons Systems) doubled the number of cyber security billets at SSC and enabled embedded expert teams in each of our PEOs (Program Executive Offices). This immediately improved our command’s cyber literacy, cyber processes and operations, making all of us a more cyber-ready workforce.”

“CIO executed Project ENIGMA, a digital engineering platform, to enable mode-based systems engineering for 82 programs of record,” White said. “In support of four of our program offices, our CIO delivered a supply-chain risk management capability elevating and mapping more than 2,800 vendors, suppliers and components, ensuring that our adversaries are not infiltrating our supply chain.”
 
“The upgrade of SSC’s NIPRNet (Non-classified Internet Protocol Router Network) circuits improved and optimized our mission networks and improved the capabilities and overall user experience for our personnel,” White added. “It’s amazing how much smart upgrades like these can do for our cyber security but also for the morale and productivity of our workforce.”
 
White also cited the Event Horizon SBIR pilot program to develop the first SSC Zero Trust capability to harden legacy space mission systems and also develop a Zero Trust guidebook, and the Commercial Services Office (COMSO)’s work in awarding 130 small business contracts totaling $93 million in cybersecurity, machine learning, AI, data transport, quantum computing and digital engineering.
 
“(SSC Commander Lt. Gen. Philip) Garrant has made it clear that SSC’s call to action is to close kill chains with next-generation space capabilities and finish the pivot to a more resilient, on-orbit posture,” White said. “Delivering on this imperative requires the use of and development of resilient, scalable, and integrated cyber capabilities. And while interoperability and integrated systems are key to success, they can exponentially increase potential attack vectors our adversaries can use to get at our data, or the data of our industry and academic partners, so our cyber experts are the absolute linchpin to our success.”
 
Other speakers throughout the two-day event included Victoria Coleman, Chief Scientist of the U.S. Air Force; Wanda Jones-Heath, principal Cyber Advisor for the Department of the Air Force; Kristen J. Baldwin, deputy assistant of the Air Force for Science, Technology, and Engineering; and Lt. Col. Vinny Pande, Chief of Space Ventures and Materiel Leader of SpaceWERX.
 
Presentations and panels at the event included upcoming cyber projects ENIGMA and SPARTA, securing the supply chain, current research, operational challenges and priorities and updates on key efforts such as the Space Cyber Test Range and CROWS.
 
In addition to the individual speakers and panels, participants also could solve a series of challenges on a simulated ground system and an engineering model of a payload currently flying on The Aerospace Corporation’s Slingshot spacecraft in a Capture the Flag competition.
 
People could also visit the event’s “Cyber Petting Zoo,” with more than 20 exhibitors, to see, touch, and try out new technologies and capabilities. The vendors offered technologies ranging from Zero Trust Cloud-based security solutions to a tactical video command center that operates with or without network connection or power to the latest in consoles and technical furniture for secure operations centers and command and control rooms.
 
CHIRP (Cyber Halo Innovation Research Program) interns also were on hand to discuss their cyber research at the event. The CHIRP program is a collaboration between SSC and universities and industry partners to provide college and university students with a direct pathway into a cybersecurity career.
 

 

 

United States Space Force

Official United States Space Force Website