The US and EU unveil new strategies for space.

[ Music ]

>> Maria Varmazis: The RF spectrum. We need it, and there's only so much of it. You know, I've been racking my brains trying to figure out how in the heck you make spectrum sound fun. So how about this? Forget about the drama on your favorite reality show. The real action is happening in the frequencies. It's like a game of musical chairs, but instead of seats, we're jostling for bandwidth. Eh? What do you think? Too much of a hard sell? Yeah.

[ Music ]

Today is November 14, 2023. I'm Maria Varmazis, and this is T-Minus.

[ Music ]

The U.S. unveils a National Spectrum Strategy. The European Union Council approves the first EU Space Strategy for security and defense. We'll be bringing you the latest from Space Tech Europe. And our guest today is Buffy Wajvoda, the global leader for Space Solutions Architecture at AWS Aerospace and Satellite. You'll want to stay with us for that chat.

[ Music ]

Onto today's intelligence briefing, and the Biden-Harris administration, along with the National Telecommunications and Information Administration, or NTIA, unveiled a National Spectrum Strategy, identifying over 2,700 megahertz of airwaves for innovative uses by private sectors and federal agencies. The plan aims to foster innovation, improve coordination, develop dynamic spectrum sharing and enhance the spectrum workforce. As part of the announcement of the National Spectrum Strategy, President Biden also released a memorandum on modernizing the U.S. Spectrum policy, which the NTIA says will "Promote a trustworthy, predictable, and evidence-based process for ensuring spectrum serves its highest and best use. There is a pressing need for this attention on spectrum allocation. With more tech and applications that need spectrum access and only so much to go around, taking a good look at what's being used and by whom is something many across aerospace and wireless broadband sectors have been calling for. In fact, the Satellite Industry Association today complimented the administration on its announcement of a National Spectrum Strategy saying that the strategy proposals are for the benefit of all Americans. The new National Spectrum Strategy targets 2,786 megahertz across five spectrum bands, with a focus on mid-band spectrum, critical for next-generation wireless services. And the NTIA will take the next two years to study those five spectrum bands, and that mix of bands could support a range of uses, including wireless broadband, drones, and satellite operations. As you might imagine, there is a lot to this announcement, including long-term plans to regularly update spectrum allocation, as well as the methods used to make those allocations. And you can read the whole fact sheet from the NTIA, which we have linked for you in our show notes. The European Union Council has approved its first EU Space Strategy for security and defense. The strategy proposed the following actions, an increase to the EU's understanding of space threats, enhancing the resilience and protection of space systems and services, better response to space threats, and enhanced use of space for security and defense purposes. The EU Council reaffirmed that space is a global commons free for exploration and use by all states. The strategy included a provision of space domain awareness information as a national responsibility. It calls for the European Commission to investigate security and defense uses of the EU Constellation IRIS-2. It also highlights the importance of the UN Open-Ended Working Group to address norms, rules, and principles of responsible behaviors in space. And it welcomes further study of an EU Earth Observation Governmental Service. The full strategy can be found in our show notes. And today kicked off Europe's largest B2B space conference, the SpaceTech Expo Europe in Germany. Companies from across the continent and around the world are gathering to exhibit and network in Bremen. The event is expected to attract more than 6,000 visitors and over 650 exhibitors. We're already seeing news wires announcing new platforms from Spire Global, QuickLogic, and Morpheus in day one, and we'll keep an eye on further announcements from the three-day event. German launch startup, HyImpulse Technologies, has successfully completed the assembly and integration of its first SR-75 launch vehicle. The one-stage suborbital rocket is capable of carrying payloads of up to 250 kilograms to a max altitude of 200 kilometers and is powered by the company's hybrid rocket engine that uses paraffin and liquid oxygen. And with the first announcement from the Space Tech Expo in Bremen, Australia's Southern Launch CEO Lloyd Damp and HyImpulse Technologies co-CEO, Christian Schmierer, confirmed the launch window of the SR-75 from Southern Launch's Koonibba Test Range in March 2024. Telespazio, through its subsidiary Telespazio UK, has announced the acquisition of leading UK independent space systems engineering and consultancy firm E2E Group. E2E Deep Satellite Communications Engineering Expertise provides Telespazio UK with enhanced capability in the delivery of space-enabled services. According to the press release, this acquisition provides a huge step forward in Telespazio UK's journey to make a major impact in helping to deliver the UK national space strategy from both a civil and defense perspective. This larger combined business will also boost the ability of Telespazio Group, its Space Alliance partner, Thales Alenia Space, and its shareholders, Leonardo and Tullis, to offer integrated defense and space solutions to UK customers. No financial details were included with their news release. Saudi Arabia announced the signing of $2.9 billion of contracts with Chinese and Korean firms at the Taif Investment Forum to include $1.3 billion towards the development of a Mars-themed city. The Mars-themed project will be carried out at Taif University with the Beijing Technology Group, which includes Chinese university, government, and advertising companies. Taif is a city and governorate in the Mecca province of Saudi Arabia, and it's termed as the "Science Fiction Space City" or "Mars War." And it's hoped that this project will propel the Kingdom's space innovation. Satellite Technology Company SkyFi has announced a strategic partnership with cloud-based platform, ImiSight, which specializes in imagery and artificial intelligence solutions. The collaboration aims to streamline and enrich the Earth observation experience by seamlessly integrating ImiSight's advanced analytics capabilities with SkyFi's web and mobile and SkyFi's imagery data to ImiSight's geospatial platform. The results, according to the press release, an unprecedented wealth of geospatial data and AI-driven insights. Marotta Controls has been selected by NASA's Jet Propulsion Laboratory to supply two types of valves on the sample retriever rover, which is a key element of NASA's Mars sample return program. If budgets allow, and we have more on that later in this episode, NASA plans to land a sample retrieval lander near or in Jezero Crater no earlier than 2028, bringing a small rocket, on which the samples collected by the Perseverance rover would be loaded. Once the samples are launched off the Red Planet, another spacecraft would then capture them in Mars' orbit and then ferry them to Earth safely and securely in the early to mid-2030s. And speaking of NASA, NASA Associate Administrator and former astronaut, Robert Cabana has announced his retirement. Cabana has been the agency's highest-ranking civil servant, third highest ranking NASA official, and the Senior Advisor to NASA Administrator, Bill Nelson, and Deputy Administrator, Pam Melroy. Cabana's last day with NASA will be Sunday, December 31, after more than 38 years of service.

[ Music ]

That concludes our briefing for today. You'll find links to further reading on all the stories mentioned in our show notes. We've also included a link to a CNN piece that asks, "Is the UK space industry about to take off? Well, they're all at space.n2k.com, and just click on this episode title. Hey T-minus crew, if you're just joining us, be sure to follow T-minus Space Daily in your favorite podcast app. And also, if you could do us a favor, share the intel with your friends and coworkers. Here's a little challenge for you. By Friday, if you could please show three friends or coworkers this podcast, that would be awesome. That's because a growing audience is the most important thing for us, and we would love your help as part of the T-Minus crew. If you find T-Minus useful, and as always, we really hope you do, please share it so other professionals like you can find the show. Thanks! It means a lot to me and all of us here at T-Minus.

[ Music ]

We're continuing our AWS in Orbit series this week with an extended interview with Buffy Wajvoda, the global leader for Space Solutions Architecture at AWS Aerospace and Satellite on Saturday. Today, we introduce our discussion about cybersecurity in space. I started by asking Buffy to tell us her thoughts on the intersection of cyber in space.

[ Music ]

>> Buffy Wajvoda: So for starters, cybersecurity for space is a now problem. Right? So the space industry has been growing at an extremely rapid rate, whether that's building satellites, building rockets, launching space assets, launching space stations, obtaining space data, or driving insights from space data. It is the fastest growth in the industry since the 1960s. And because of that growth, securing space is now being recognized on a global scale. Right? So whether it's the U.S. Space Force who just issued their infrastructure preassessment requirement, NIST giving guidance on how space should use quantum-resistant cryptography, the White House hosting the Space Systems Cyber Security Forum, the EU expressing interest in setting up a space ISAAC, that's an Information Sharing and Analysis Center, or the Indian Space Research Organization explaining how they fight over 100 cyberattacks a day. Space cybersecurity is a now problem, and AWS is uniquely positioned to help space customers understand, identify, and then lastly, automate the mitigation of the space cybersecurity threats.

>> Maria Varmazis: So why is cybersecurity in space so different, I mean, aside I mean, aside from the in-space part. I mean, what is it about it that makes it so nuanced?

>> Buffy Wajvoda: Well, it really is the in-space part, right? So when you look at space cybersecurity, you're really looking at four segments, and some of those are similar to what you would see in a terrestrial network, right? So you have the user segment. You have the ground segment, which could be similar to, let's say, like a data segment. That's where you have your antennas and your operations and all of that. But space also has RFLink, and SpaceLink is in between the space assets. So unlike like a normal webpage where bad actors only have a couple ingress points, with space you have multiple ingress points to launch a cyberattack. An example of that, a common space threat that we see at the RFLink layer, which is something that wouldn't affect terrestrial, is GPS spoofing. So the GPS that we all use is completely reliant on satellites. But let's say, for example, a bad actor sends a rogue GPS signal. The endpoint user could potentially be using an incorrect map position. So think about things like automatic cars or military operations. The effect of that could be catastrophic. Another thing that's fairly unique about space, again, because space is so far away, is that the space industry still employs a large amount of legacy systems and hardware. And those are often very, very complex and hard to secure using modern methodologies. So, for example, on a terrestrial network, you could always swap out a router. It's not trivial, but it's conceivable. For space, it's not so easy to just swap out a satellite, let's say. So that makes it very, very different from a terrestrial network.

>> Maria Varmazis: Yeah, that's a really fascinating point, honestly. It's -- not everything. A lot of things are not just software problems. Sometimes it's literally the hardware, too. What are some misunderstandings that you commonly hear when people are talking about cybersecurity in space, especially when we're talking about what's on a satellite?

>> Buffy Wajvoda: I think the most common misunderstanding is that space is secure because it's air-gapped. Right? So, again, space is really, really far away, and up until recently, space was, you know, a nation-state or a big corporation problem. So, to put that in perspective, in 2016, there was about 1,400 active satellites. So a lot, but almost all of them were owned by a nation states and large broadcast corporations. Now, seven years later, there are 7,700 active satellites. So a 5 .5 times increase, a ton of commercial users out there, but everyone still kind of thinks of space as far away. It's air gapped. It's hard to get to. And so, it must be secured. It's far away.

>> Maria Varmazis: Just because we have a hard time getting to it doesn't mean information has hard a hard time getting to it.

>> Buffy Wajvoda: Exactly.

>> Maria Varmazis: Yes. So you've done a wonderful job explaining the threat landscape, the threat surface, so to speak. And that surface is changing so much because we hear about like proliferated networks. And also, as you mentioned, like the volume of satellites going into space. So satellites, we're not -- they're not just talking to the ground, but they're talking to each other and data is getting shared. Can you talk a little bit about what that means for security?

>> Buffy Wajvoda: Yeah, that's one of my favorite things to talk about, right? Especially the proliferated constellations that are out there. So examples of those are things like Amazon Kuiper or OneWeb or many others. There are several customers out there who are making giant nets of satellites above our heads where the satellites talk to each other and talk to the ground. So when a space networks unify with terrestrial networks. First off, I want to talk about the importance of that, right? That is going to be a game changer for the industry, and space is going to become just a part of our everyday lives. It is where the industry needs to go, and it is actually going to be a really great thing. However, you know, as any network becomes more and more connected, it leaves more and more egress points and allows the network -- more vulnerable to be attacked. So right now, for example, if you want to attack a space network, you need to get access to that space network. So you can do that through RFLink. You can do that through if you have, I don't know, a space asset yourself in space, but it's hard, right? It is hard, but as those networks become more and more interconnected into our terrestrial network, let's take for instance the use case of the phone. So phones will have those satellite radios built into them. If there's a satellite radio built into my phone, and I'm a hacker, I'll be able to, you know, basically have an egress path to a satellite that is in my hand, which didn't exist before. So that's where, you know, that is where the, I would say, the tricky part of integrating with terrestrial comes into place, because right now the networks tend to be very, very separate. But as you connect the space networks with the terrestrial networks, all of a sudden, you're going to have more connectivity, more ingress points, and space is going to become vulnerable to Vanilla-like cyberattacks. So think about things like DDoS, for example. So DDoS being denial of service. If you have a website, you throw a bunch of requests at that website, and then, no one else can access that website because there's just too many requests coming back and forth, back and forth. Imagine doing that to a satellite in space. So you can take out entire com satellites. You could take out entire Earth observation satellites just by sending a bunch of requests to space. DDoS really isn't something that space deals with nowadays, but in the very near future, when space and terrestrial is more connected, it is going to be just commonplace for those sort of Vanilla cyberattacks to be a part of the, you know, space cybersecurity portfolio.

>> Maria Varmazis: Okay. So what would that look like when that happens?

>> Buffy Wajvoda: I think one of the examples that most people are familiar with is the blackout of ViaSat over the Ukraine. So that was done through malware. So the attackers were able to get into just a normal computer system, use a normal cyberattack malware, and basically take all of ViaSat's modems. So it's an example of how once we connect more and more at that terrestrial layer, you're going to make networks in space more vulnerable.

>> Maria Varmazis: So it's kind of a double-edged sword, right, where you have these increasingly interconnected satellite networks that on the one hand are more vulnerable because they're interconnected, but then there's also great benefit too, right?

>> Buffy Wajvoda: I know for me, one of the things that I personally like am excited about, but also, want to make sure that customers understand from a security standpoint is how 5G networks will connect to satellites. Because one of the things about 5G networks and how they're being used is to use a lot of new access points on ground like IoT. But IoT, if it's not configured properly, can be less secure. So all of sudden, you have this new access point that you didn't even think about being connected to a satellite, and you can trace it all the way back to a satellite.

>> Maria Varmazis: Yeah, it's so fascinating as you're talking about these different sort of, I love the term Vanilla attacks, because no, it's a great description because it's one of those things like there's an allure to being in space. There's obviously like the cool factor, and yet these attacks, can be very for lack of better terminology, kind of unsexy, but it's just like it's --

>> Buffy Wajvoda: No, it's true. Space is now vulnerable to, you know, it's a bit cliche, you know, but it's vulnerable to like the 15-year-old, you know, kid who wants to be a hacker and have his name known or her name known. Right? Because these are attacks that you can use across any layer of the network.

[ Music ]

>> Maria Varmazis: And a reminder that the full discussion with Buffy will be shared this Saturday as part of our extended AWS in Orbit Series.

[ Music ]

We'll be right back. Welcome back. Oh, America, we are quickly approaching the end of yet another budget deadline. Yep. We were just here a few weeks ago when a last-minute resolution allowed us to put a Band-Aid on the situation. Congress now has until November 17th to pass a resolution to set or extend funding for the federal government. And yeah, that includes agencies such as NASA. And all this budget uncertainty is having a knock-on effect on programs such as the Mars Sample Return Program. You see, part of the uncertainty to see is about the fiscal year 2024 budget, which is different in the House and the Senate. The House bill would provide the $949.3 million request by NASA for the next year. The Senate, on the other hand, would provide just $300 million. That means programs will be scaled back or even canceled if the smaller budget passes. The Mars sample return program that we mentioned earlier is costly. An independent study estimates the total to be somewhere between $8 and $11 billion over the course of its lifetime. So that kind of cut will certainly impact it first. NASA and other federal agencies are all operating under a continuing resolution that currently funds programs to the same level as fiscal year 2023. That still puts them in a better position than the Senate bill. However, with another possible continuation resolution stop gap proposed that will simply slap another Band-Aid on the situation until January, you know that these programs are grinding to a halt due to all the uncertainty. Now we know balancing the books is not an easy task, and politics is not an easy business, but we implore Congress, if they're listening, to make a decision and fast, not only to avoid a shutdown, but so programs can decide where the money will go and what amazing research and work can be done with it in the next year or not.

[ Music ]

That's it for T-Minus for November 14, 2023. For additional resources from today's report, check out our show notes at space.n2k.com. We're privileged that N2K and podcasts like T-Minus are part of the daily routine of many of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies. This episode was produced by Alice Carruth. Mixing by Elliot Peltzman and Trey Hester, with original music and sound design by Elliot Peltzman. Our Executive Producer is Brandon Karpf, and I'm Maria Varmazis. Thanks for listening. We'll see you tomorrow.

[ Music ]