Space Cybersecurity and Border Gateway Protocol Are Top Administration Concerns
National Cyber Director Harry Coker told the President’s National Security Telecommunications Advisory Committee the Biden administration is focusing on cybersecurity in space and strengthening internet routing security. Meeting virtually late Thursday, NSTAC also received an update from cloud-service providers on a pending report about baseline security offerings that was initially expected to be finished this month (see 2312070053).
“We recognize the critical importance of countering the significant threats and risks that we face in the vital domain of space,” Coker said. Cyber appears to be the “preferred attack vector” against space systems, he said. China continues focusing on a strategy where it would attack satellites early in a conflict, he said.
U.S. adversaries are attacking critical infrastructure “across all domains,” Coker said, citing Russia’s shelling of the Ukrainian power grid. The capabilities and intents of U.S. adversaries demonstrate “the urgency of the challenge we are facing,” he said. A former intelligence officer, Coker said, “I know how challenging and complex” space can be: “There are engineering challenges, logistics concerns and bandwidth issues.” And space systems are often designed to last for 10 years or more, meaning they may not be protected against evolving threats, he said.
Coker said the Biden administration held a series of meetings with industry across the U.S. to gather input about space security challenges. We have “heard about barriers that companies are facing day-to-day,” he said. “We must do better.”
During a National Space Council meeting in December, Vice President Kamala Harris called for a minimum set of cybersecurity requirements for U.S. government space systems, Coker said. The requirements will make it easier for companies to support U.S. space missions and “lay the groundwork” for future work, he said. “There is much more work to be done, more listening and learning to be done.”
In addition, the administration is focused on strengthening the security and resilience of the border gateway protocol (BGP), Coker said. BGP allows more than 70,000 independent networks to operate “as what we know as the internet,” he said. “BGP literally is the binding glue for the modern internet,” Coker said: “It can also be, and has been, abused.”
Like too many technologies developed in the early days of the internet, BGP lacks the security needed today, Coker said. In 2018, researchers found that for more than two years, internet traffic from the West was routed through China, he said. Communications between California and Washington, D.C., “ended up traveling an excess of 13,000-plus miles.”
More recently, U.S. security officials have seen an increase in the sophistication of BGP hijackings, Coker said. The end objective of BGP attacks is often gathering account credentials or installing malware that steals cryptocurrency, he said. “Recent incidents have resulted in losses of millions and millions of dollars.”
The FCC is also tackling the issue, with an NPRM proposed for a June 6 commissioner vote requiring that major service providers file data each quarter on their progress in route origin authorization registrations and BGP plans (see 2405160076).
Technology is available today that can “ensure BGP hijacking becomes a thing of the past,” Coker said. The federal government continues to lag behind most of the private sector in registering its IP addresses, though the administration’s cyber strategy is addressing that, Coker said. “It’s not enough to just listen and learn -- we are acting,” he said.
Coker also said the administration is focused on building a better cyber workforce, a problem “we have been battling for decades.” The U.S. must “broaden the talent pool” and “be relentless in our search for talent,” he said. More than 500,000 cyber jobs are open in the U.S. and millions open worldwide, he said.
The Baseline Security Offerings Subcommittee report on cloud security will now be released at the end of the year, said co-Chair Maria Martinez, Cisco executive adviser. “Security has traditionally been, and must remain, a shared responsibility,” Martinez said. “Too much of the burden for security has been left to those who use it” and “a rebalancing of the roles is needed.”
The subcommittee is working on principles “that rationally allocate roles” between cloud service providers, customers, vendors and users, Martinez said. Those who are in the best position to manage a specific risk should be responsible for doing so, she said.