Visser Precision disclosed over the weekend that it had been the victim of a cyberattack. TechCrunch reports that the attack was a ransomware infection, specifically an attack using the DoppelPaymer ransomware strain. Visser said in a brief statement to TechCrunch that the company “continues its comprehensive investigation of the attack, and business is operating normally.”
Ransomware is a form of malware that encrypts the victim's files, rendering them unusable until the victim pays a ransom in exchange for the attacker's provision of decryption keys. The keys usually afford the victim the ability to unlock their affected files. The recent trend in cybercrime is for ransomware to steal data as well as encrypting it, and DoppelPaymer has exactly that functionality. If the criminals first exfiltrate, then encrypt, the victims' data, they gain additional leverage: should the victims not pay the ransom, the criminals can threaten them with release of sensitive information stolen in the course of the attack. According to Tom's Guide, this appears to be the case at Visser.
Security firm Emsisoft told TechCrunch that they had found a website that listed the files stolen in the incident. On display were folders named for Visser customers (those included Tesla, SpaceX, Boeing, and Lockheed Martin). Some but not all of the files were available for download, as has become the normal criminal practice in malware cases. Downloadable files on offer included non-disclosure agreements between Visser and SpaceX. Another file was technical: a partial schematic for a missile antenna marked “Lockheed Martin proprietary information.”
Visser Precision is a Denver-based parts manufacturer that offers "metal and plastic 3D printing, 5-axis CNC machining, injection mold building, and metal additive manufacturing" for a range of industries, including major aerospace companies. Visser's customers include SpaceX, Boeing, and Lockheed Martin. Ransomware is most commonly delivered by phishing attacks, emails sent to the target that carry a malicious payload. When someone in the targeted organization opens and interacts with the phishing email, typically by opening an attached file or clicking a link in the body of the email, the process of infecting the enterprise begins.
While Visser says it's been able to work through the attack and continue operations, ransomware attacks have shown increasing ability to disrupt industrial operations. Companies may wish to consider the third-party cyber risk to which their suppliers expose them. That risk extends not only to the possibility of losing intellectual property, but also to the business risk of delays in receiving components and the cyber risk of a malware infection spreading from their partners.
The Defense Innovation Unit is interested in developing methods of servicing satellites in orbit. C4ISRNET summarizes the elements of a solicitation that closed on February 16th in a way that gives a sense of what the US Defense Department is interested in pursuing. The solicitation called out four capabilities:
Light utility m-OLV. This vehicle would be able to carry one or more payloads, and should have sufficient propellant to move one payload from low-Earth to geostationary orbit "with guidance and control to support cooperative rendezvous, proximity operations and release of its payload at the end of the transit." Its payloads would have a cumulative mass of up to fifty kilograms.
Heavy utility m-OLV. Similar to the light utility m-OLV, but with a total payload capacity of at least five-hundred kilograms, the heavy utility m-OLV would carry enough propellant for both persistent operations and for maneuver to a different orbit. It would have "guidance and control to support cooperative rendezvous, proximity operations, and berthing with a space outpost or servicer."
Fuel depot. This vehicle would store and transport chemical or electrical propellant that, once transferred to another satellite, would enable that second spacecraft to move from low-Earth to geostationary orbit. "The depot should include the necessary mechanisms, sensors and controls to couple the customer vehicle to the depot for refueling."
Ride-sharing approach. This technology would "provide transport of detachable payloads or propellant to an m-OLV or an outpost in geostationary, cislunar or another exotic orbit."
Similar capabilities were demonstrated this past month. On February 25th, in what's being characterized as the first in-orbit commercial servicing of a satellite, Northrop Grumman's Mission Extension Vehicle-1 (MEV-1) successfully docked with two-decades-old Intelsat-901, which had been parked, according to Space News, in a "graveyard orbit three-hundred kilometers above the geostationary arc." MEV-1 will remain docked with Intelsat-901 while it returns the communications satellite to its intended orbit. The operation is intended to extend Intelsat-901's life by at least five years.
Close encounters: arguably malign.
The ability to approach, inspect, and interact with satellites in orbit represents an obvious dual-use capability.
A Russian satellite, Kosmos 2542 has approached a US reconnaissance satellite (USA 245) MIT Technology Review reports. Kosmos 2542 is now "shadowing" the American spacecraft in low-Earth orbit at a distance of less than three-hundred kilometers. Russia says that Kosmos 2542 represents a test of satellite inspection technologies that could be used to observe and possibly service Russia's own spacecraft. The test involves a "parent satellite" which deploys a daughter, sub-satellite in its vicinity, and then closes with the daughter craft to image it. There is indeed a parent-daughter pair in Kosmos 2542, but their behavior seems inconsistent with anything other than cozying up to the US spacecraft. Why it would be doing so is a matter for speculation, but most observers conclude that the Russians are interested in the capabilities and operations of USA 245.
The US and its allies are predictably unhappy with this activity. "This is unusual and disturbing behavior and has the potential to create a dangerous situation in space," Space Force chief of space operations General John Raymond told Business Insider, adding that "the United States finds these recent activities to be concerning and do not reflect the behavior of a responsible spacefaring nation."
“Of course, it is a threat to our allies,” Général d'armée Aérienne André Lanata, NATO Supreme Allied Commander Transformation, told the Washington Examiner. He sees Kosmos 2542 as part of ongoing Russian efforts to develop ways of interfering with other countries' spacecraft.
Collision avoidance in Earth orbit.
There's some controversy over how to handle collision avoidance in space, C4ISRNET reports. Researchers argue that the models used to estimate the risk of collision are flawed, and lead to systematic underestimation of that risk.
Quick reaction—they need something now, not five years from now.
In the space domain, conditions are challenging and the opposition is smart, committed, and well-resourced. You need to get capabilities into the hands of operators as quickly as possible. Rapid prototyping is the cost-effective way to bridge the gap between invention and use. Find out how we do it at Cosmic AES, leaders in signals and space.
NTS-3, US Space Force's planned new positioning, navigation, and timing (PNT) constellation, is intended to be jam-resistant and will feature maneuverable satellites designed to deliver battlespace coverage when and where it's needed, Breaking Defense reports. According to C4ISRNET, prime contractor L3Harris announced on February 11th that the system had passed its critical design review.
GPS vulnerability (and resilience under conditions of denial).
On February 12th President Trump issued an executive order directing the Government as a whole to prepare for resilience with respect to positioning, navigation, and timing. “It is the policy of the United States to ensure that disruption or manipulation of PNT services does not undermine the reliable and efficient functioning of its critical infrastructure. The Federal Government must increase the nation’s awareness of the extent to which critical infrastructure depends on, or is enhanced by, PNT services, and it must ensure critical infrastructure can withstand disruption or manipulation of PNT services. To this end, the Federal Government shall engage the public and private sectors to identify and promote the responsible use of PNT services.”
Space Force activities and procurements.
On February 3rd, Defense News reported, Air Force Secretary Barbara Barrett signed a report to Congress outlining the initial organizational plan for the US Space Force. That plan shows some evidence of seriousness about holding down headquarters bloat--the initial estimate of a thousand personnel assigned to Space Force headquarters has dropped, with the plan now anticipating a staff of some eight hundred. Budgets, however, are expected to see a steady increase, according to Bloomberg, with an FY 2021 budget of $15.4 billion. $2.4 billion of that will be devoted to procurement of satellites, terminals, ground control stations, launch services and communications security. That procurement share of the budget is expected to rise to $4.7 billion in 2025.
Space Force has awarded Northrop Grumman a contract for rapid prototyping of a Protected Tactical SATCOM system. The prototype will be used for "on-orbit demonstration of assured tactical communications." C4ISRNET reports that the total contract value is $253.6 million. According to Space News the funding will cover up to four payloads.
The Department of the Air Force proposed FY 2021 budget includes, FCW says, $150 million for Space Force's "space command and control mission system software pilot to continue the service's trend of leveraging commercial capabilities."
Building a Service culture at US Space Force.
US Space Force has begun the long process of building its Service culture. The first Space Force Facility has been designated for renaming: Patrick Air Force Base will become Patrick Space Force Base in about a month, the UPI reports. The new Service is open to suggestions ("in good taste," the New York Post points out) as to what to call its members. "Spaceman" (on the analogy of its parent Service's "Airman") has been ruled out from the get-go--it's just too Buck Rogers, and would be difficult for people to take seriously.
The National Guard thinks there's a role for it as Space Force's reserve component, Air Force Magazine writes.
Space Force has so far drawn its personnel largely from the US Air Force. But the US Army this past month announced plans to transition a hundred soldiers over to Space Force in 2021, Defense One reports. Ironing out roles, missions, and equities will continue to challenge the new Service. The new Service's personnel system will for some time yet remain a work in progress, and Federal News Network says that handling the six-thousand uniformed personnel expected to transfer in from other Services will be a protracted, non-trivial task. An op-ed in Space News gives a fair picture of how the older Services may see themselves in competition with Space Force.
However Space Force's culture forms up, one of its biggest private sector fans (with aspirations to becoming one of its biggest contractors) likes what he sees. Elon Musk sees Space Force as an incipient Star Fleet, and he's all in on that, Space.com reports.
Hacking space assets.
SpaceX now has the world's largest commercial satellite constellation in orbit, with two-hundred-forty-two Internet-delivering spacecraft now in orbit. That number is a drop in the bucket of the projected forty-two-thousand satellites SpaceX intends to launch over the coming decade, but the constellation as it exists today represents a noticeably expanded attack surface for hackers, Science Alert points out. Cyberattacks could affect the satellites directly, spoof signals, or interfere with ground station operations.
NASA's Jet Propulsion Laboratory is aware of the cyber threat to the missions it manages. The JPL tells TechCrunch that it has adopted a comprehensive approach to risk-modelling designed to give its managers the insight into cyber risk they require to protect their missions.
Commercial space travel.
Virgin Galactic sees a renewed opportunity for space tourism, and is resuming ticket sales for its projected but not-yet-scheduled flights, the BBC reports. Seats aboard Virgin's spacecraft go for some $250,000, with a thousand-dollar deposit to hold your place among such tourists as Leonardo DiCaprio and Justin Bieber. Founder Richard Branson says he'll be on board, too. The Wall Street Journal says Virgin Galactic has obtained twenty out of the required twenty-nine FAA permits to fly.
SpaceX is also advancing plans for human spaceflight, although not necessarily for space tourism. The company has added William Gerstenmaier, NASA's former chief of human spaceflight, to its roster as a consultant, Ars Technica reports.
Today's edition of the CyberWire reports events affecting China, France, Iraq, the Democratic Peoples Republic of Korea, the Republic of Korea, NATO/OTAN, Russia, the United Kingdom, and the United States.
Virgin Galactic Plans to Resume Space-Tourism Sales(Wall Street Journal) Virgin Galactic Holdings still plans to make its first commercial space-tourism flight this year and took a step toward resuming ticket sales for jaunts expected to cost upward of $250,000.
Boeing Finds Debris In MAX Fuel Tanks(Aviation Week) Boeing is inspecting all 737 MAXs it has in storage and adding factory-floor precautions after discovering foreign object debris (FOD) in the fuel tanks of m
Boeing Booked No New Jetliner Orders in January(Wall Street Journal) Boeing said it booked no new jetliner orders in January, increasing the financial strain that has been building during the 737 MAX crisis as airlines added no new deposits to secure a place in the plane maker’s order backlog.
Could Boeing’s Woes Finally Be Behind It?(Defense Security Monitor) Boeing’s annus horribilis has culminated in the worst full-year loss in the company’s 103-year history. Nearly the whole year has been consumed by the two fatal crashes of its 737 MAX,…
Navy awards a $178M contract to update GPS systems(C4ISRNET) The Naval Information Warfare Center Pacific has awarded Booz Allen Hamilton a $178 million contract for to modernize GPS systems in partnership with the Air Force’s Space and Missile Systems Center, the company reported Jan. 24.
Leidos wins $7.7B Navy NGEN-R network services contract(FedScoop) Leidos has won the Navy‘s $7.7 billion contract for the network services portion of the Next Generation Enterprise Networks Recompete (NGEN-R). Under the potential eight-and-a-half-year Service Management, Integration and Transport (SMIT) contract, the Northern Virginia defense and IT contractor will provide “base network services … such as electronic software delivery, end user core build, endpoint detection, logistics …
Mercury Systems Receives $24M RF Microelectronics Order for Airborne Electronic Warfare Application(Globe NewsWire) Mercury Systems, Inc. (NASDAQ: MRCY, www.mrcy.com), a leader in trusted, secure mission-critical technologies for aerospace and defense, announced it received a $24 million order from a leading defense prime contractor for SWaP-optimized radio frequency (RF) modules ready for integration into an advanced electronic warfare system. The order was booked in the Company’s fiscal 2020 second quarter and is expected to be shipped over the next several quarters.
McKean Captures NAVWAR $249M Contract(MDJOnline.com) McKean Defense Group, LLC announced today that it was awarded a cost-plus-fixed-fee, firm-fixed-price contract to provide the Naval Information Warfare Center Pacific (NIWCPAC) integration,
Here is the Space Force’s new Enterprise SATCOM Vision(C4ISRNET) Under an enterprise satellite communication system, military and commercial satellite providers would be integrated. This would allow war fighters to seamlessly transition to whatever network or signal is available while maintaining connectivity.
Korean-made geostationary environment-monitoring satellite successfully launched(Korea Herald) The world's first geostationary environment-monitoring satellite built by South Korea has been successfully launched, the country's state-run aerospace research institute said Wednesday. The Ariane-5 rocket carrying the 3.4-ton Chollian-2B, tasked with monitoring the movement of fine dust and other air pollutants in the East Asian region, as well as tides, is on course to reach its transfer orbit some 36,000 kilomet...
Fifth anti-jamming satellite available to war fighters(C4ISRNET) The Advanced Extremely High Frequency satellite system is intended to replace the MILSTAR constellation in providing protected, anti-jamming satellite communications to high-priority United States military assets and its international partners in Canada, United Kingdom, Netherlands and Australia.
5G could bring new speed to military operations(C4ISRNET) If the U.S. military introduced a fifth generation network in to its C4ISR systems, decision-making in high profile military operations would improve because critical information would arrive faster, according to a Jan. 31 Congressional Research Service report.
Navy, Beset by Aging Tech, Pushes for Rapid Modernization(Wall Street Journal) Aging and fragmented technology has left the Navy unable to fully defend itself from persistent cyberattacks from China and elsewhere, defense officials said, prompting an effort to upgrade and secure computer networks.
Air Force, SpaceX to test Starlink capabilities in upcoming live-fire demonstration(Air Force Times) The April 8 event will be the next iteration of the military’s Advanced Battle Management System (ABMS) exercises, taking place at Marine Corps Air Station Yuma, Arizona, White Sands Missile Range, New Mexico, and Eglin Air Force Base, Florida. The demonstration will test the military's interoperability with SpaceX’s Starlink satellite constellations.
We don’t really know what we don’t know in orbit(C4ISRNET) Recent events show that current methods for calculating satellite collision in orbit are outdated and nearsighted, and better math for conjunction mitigation could shape how humans manage risk to maintain vital functions of space.
Agencies ordered to prepare for GPS outage(Federal News Network) The departments of Commerce, Defense, Transportation and Homeland Security are on the clock to secure systems that support global positioning satellites.
Pentagon Mulls Space National Guard Options(Air Force Magazine) National Guard officials are pushing for the Defense Department and Congress to create a Space National Guard despite some uncertainty within the Pentagon.
Why the Airbus anti-bribery probe is unprecedented(Moneycontrol) An anti-corruption investigation that involved law enforcement agencies of three countries and concluded in a record-breaking fine for Airbus has far-reaching consequences beyond the aviation company.
Ukraine: Recordings show Iran knew jetliner hit by a missile(Military Times) A leaked recording of an exchange between an Iranian air-traffic controller and an Iranian pilot purports to show that authorities immediately knew a missile had downed a Ukrainian jetliner after takeoff from Tehran, killing all 176 people aboard, despite days of denials by the Islamic Republic.
Federal Judge Halts Pentagon Cloud Contract(Wall Street Journal) A federal judge ordered the Pentagon to halt work on the massive JEDI cloud-computing contract, handing Amazon an early win in its efforts to overturn the award to rival Microsoft.