Kathy O’Donnell is the leader of Space Solutions Architecture at AWS. We dive into case studies with companies using generative AI and space tech to...
AWS in Orbit: Securing the space frontier with AI cybersecurity solutions.
We dive into space cybersecurity challenges, opportunities, and what’s over the horizon with AWS, generative AI, and space tech with Buffy Wajvoda.
Buffy Wajvoda is the Global Leader for Space Solutions Architecture at AWS Aerospace and Satellite. In this extended conversation, we dive into how AWS is supporting cybersecurity in the space domain. You can learn more at AWS re:Invent.
AWS in Orbit is a podcast collaboration between N2K and AWS to offer listeners an in-depth look at the transformative intersection of cloud computing, space technologies, and generative AI. You can learn more about AWS in Orbit at space.n2k.com/aws.
Remember to leave us a 5-star rating and review in your favorite podcast app.
We want to hear from you! Please complete our short survey. It’ll help us get better and deliver you the most mission-critical space intel every day.
Want to hear your company in the show?
Want to join us for an interview?
Please send your pitch to firstname.lastname@example.org and include your name, affiliation, and topic proposal.
T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
[ Music ]
>> Maria Varmazis: Welcome to AWS In Orbit. I'm Maria Varmazis. We're working with AWS to bring you an in-depth look at the transformative intersection of cloud computing, space technologies, and generative AI. On AWS In Orbit, we're exploring not just what's possible, but what's meaningful in the realm of space and cloud innovation. We grapple with the complex challenges and unparalleled opportunities that arise when we use space to address pressing issues right here on Earth.
[ Music ]
>> Maria Varmazis: Episode 2. BufFy Wajvoda and securing the space frontier with AI cybersecurity solutions.
>> Buffy Wajvoda: My name is Buffy Wajvoda and I am the Global Leader for Solutions Architecture at AWS for the aerospace and satellite business.
>> Maria Varmazis: In this episode, Buffy is going to take us on a journey through the intricacies of cybersecurity in the space sector. Buffy will discuss the unique challenges and solutions AWS offers in securing the space frontier. She also will delve into real world scenarios where AWS' cybersecurity solutions are making space exploration safer and more secure, and leveraging generative AI to do it.
[ Music ]
>> Buffy Wajvoda: My journey started about 22 years ago at the National Security Agency. So, I started out there as a cryptanalyst but quickly got into both signal analysis and signal engineering, because I was so fascinated by that. After working at the NSA for a number of years, I ended up joining AWS in 2019. From there, I started the Ground Station technical sales team, also known as the Solution to Architecture team. And then quickly after, AWS decided you know, space is really something that we should be paying attention to. So, there was a number of us who were brought in at the start of 2020, to really brainstorm about how we could so space better. And then in July of 2020, is when we started the Aerospace and Satellite business unit at AWS, for which I started the technical team there as well.
>> Maria Varmazis: Well thank you, Buffy. So, you are at a fascinating intersection of cybersecurity and space. Tell me a bit about the need first, for maybe stronger cybersecurity in space. But give some context to this a little bit as well, if you could.
>> Buffy Wajvoda: Yeah. I'm happy to. So, for starters, cybersecurity for space is a now problem, right. So, the space industry has been growing at a extremely rapid rate. Whether that's building satellites, building rockets, launching space assets, launching space stations, obtaining space data, or deriving insights from space data. It is the fastest growth in the industry since the 1960's.
>> Maria Varmazis: Yeah.
>> Buffy Wajvoda: And because of that growth, securing space is now being recognized on a global scale, right. So, whether it's the US Space Force, who just issued their infrastructure pre-assessment requirement, missed giving guidance on how space should use quantum resistant cryptography. The White House hosting the space system cybersecurity form. The EU expressing interest in setting up a Space ISAC. That's an Information Sharing and Analysis Center. Or the Indian Space Research Organization explaining how they fight over 100 cyber attacks a day. Space cybersecurity is a now problem. And AWS is uniquely positioned to help space customers understand, identify and then lastly, automate the mitigation of those space cybersecurity threats.
>> Maria Varmazis: There's a really interesting kind of bridging the gap where there are many organizations that understand that cybersecurity in space is a high need at many that you mentioned. And then there's others where it's sort of like, we're still trying to get people to understand that this is something they really need to be paying more attention to. And I think one of the big challenges is explaining why cybersecurity in space is such a unique field, so to speak, compared to just sort of terrestrial cybersecurity for [inaudible]. I mean, well there's cloud also. But you know, terrestrial cybersecurity.
>> Maria Varmazis: Which is, the cloud is on the ground, yes.
>> Buffy Wajvoda: Yes, yes.
>> Maria Varmazis: Despite the name. So, why, why is cybersecurity in space so different? I mean, aside from the in space part. I mean, what is it about it that makes it so nuanced?
>> Buffy Wajvoda: Well, it really is the in space part, right. So, when you look at space cybersecurity, you're really looking at 4 segments. And some of those are, some of those are similar to what you would see in a terrestrial network, right. So, you have the user segment. You have the ground segment, which could be similar to let's say like, a data center's segment. That's where you have your antennas, and your operations, and all of that. But space also has RFLink, and space links in between the space assets. So, unlike like a normal webpage, where bad actors only have a couple ingress points, with space you have multiple ingress points to launch a cyber-attack. An example of that, a common space start that we see at the RFLink layer, which is something that wouldn't affect terrestrial, is GPS spoofing. So, the GPS that we all use is completely reliant on satellites. But let's say for example, a bad actor sends a rogue GPS signal. The endpoint user could potentially be using an incorrect map position. So, think about things like automatic cars or military operations. The effect of that could be catastrophic. Another thing that's fairly unique about space, again, because space is so far away, is that the space industry still employs a large amount of legacy systems and hardware. And those are often very, very complex and hard to secure using modern methodologies. So, for example, on a terrestrial network, you could always swap out a router. It's not trivial, but it's conceivable. For space, it's not so easy to just swap out a satellite, let's say. So, that makes it very, very different from a terrestrial network.
>> Maria Varmazis: Yeah. That's a really fascinating point, honestly. Not everything, a lot of things are not just software problems. Sometimes it's literally the hardware too. What are some misunderstandings that you commonly hear when people are talking about cybersecurity in space, especially when we're talking about what's on a satellite?
>> Buffy Wajvoda: I think the most common misunderstanding is that space is secure because it's air gapped, right. So, again, space is really, really far away. And up until recently, space was a you know, nation-state or a big corporation problem. So, to put that in perspective, in 2016, there was about 1,400 active satellites. So, a lot. But almost all of them were owned by a nation-state and large broadcast corporations. Now, 7 years later, there are 7,700 active satellites. So, a 5.5 times increase, a ton of commercial users out there. But everyone still kind of thinks of space as far away. It's air-gapped. It's hard to get to. And so, it must be secure, it's far away.
>> Maria Varmazis: Just because we have a hard time getting to it, doesn't mean information has a hard time getting to it, right.
>> Buffy Wajvoda: Exactly.
>> Maria Varmazis: Yes. So, you've done a wonderful job explaining the threat landscape, the threat surface, so to speak. And that surface is changing so much, because we hear about like proliferated networks. And also, as you mentioned, like the volume of satellites going into space. So, satellites, they're now not just talking to the ground but they're talking to each other and data is getting shared. Can you talk a little bit about what that means for security.
>> Buffy Wajvoda: Yeah. That's one of my favorite things to talk about, right. Especially the proliferated constellations that are out there. So, examples of those are things like, Amazon Kuiper, or OneWeb, or many others. There are several customers out there who are making giant nets of satellites above our heads. Where the satellites talk to each other, and talk to the ground. So, when space networks unify with terrestrial networks, first off, I want to talk about the importance of that, right. That is going to be a gamechanger for the industry. And space is going to become just a part of our everyday lives. It is where the, it is where the industry needs to go. And it is actually going to be a really great thing. However, as you know, any network becomes more and more connected, it leaves more and more ingress points, and allows the network more vulnerability to be attacked. So, right now for example, if you want to attack a space network, you need to get access to that space network. So, you can do that through our uplink. You can do that through if you have, I don't know, a space asset yourself, in space. But it's hard, right. It is hard. But as those networks become more and more interconnected into our terrestrial network. Let's take for instance, the use case of the phone. So, phones will have those satellite radios built into them. If there is a satellite radio built into my phone, and I am a hacker, I'll be able to you know, basically have and ingress path to a satellite that is in my hand. Which didn't exist before.
>> Maria Varmazis: Yeah.
>> Buffy Wajvoda: So, that's where you know, that is where the, I would say the tricky part of integrating with terrestrial comes into place. Because right now, the networks tend to be very, very separate. But as you connect the space networks with the terrestrial networks, all of a sudden, you're going to have more connectivity, more ingress points. And space is going to become vulnerable to vanilla like cyber-attacks. So, think about things like DDos, for example. So, DDoS being denial of service. If you have a website, you throw a bunch of requests at that website. And then no one else can access that website because there's just too many requests coming back and forth, back and forth. Imagine doing that to a satellite in space. So, you can take out entire COM satellites. You could take out entire Earth observation satellites, just by sending a bunch of requests to space. DDoS really isn't something that space deals with nowadays. But in the you know, very near future, when space and terrestrial is more connected, it is going to be just commonplace for those sort of vanilla cyber-attacks to be a part of the you know, space cybersecurity portfolio.
>> Maria Varmazis: Okay. So, what would that look like when that happens?
>> Buffy Wajvoda: I think one of the examples that most people are familiar with is the blackout of Viasat over Ukraine. So, that was done through malware. So, the attackers were able to get into just a normal computer system, use a normal cyber-attack, malware, and basically take all of Viasat's modems. So, it's an example of how once we connect more and more at that terrestrial layer, you're going to make networks in space more and more vulnerable.
[ Music ]
>> Maria Varmazis: So, it's kind of a double-edged sword, right. Where you have these increasingly interconnected satellite networks that on the one hand are more vulnerable because they're interconnected, but then there's also great benefit too, right.
>> Buffy Wajvoda: I know for me, one of the things that I personally, like am excited about, but also want to make sure that customers understand from a security standpoint, is how 5G networks will connect to satellites. Because one of the things about 5G networks and how they're being used, is to use a lot of new access points on ground, like IoT. But IoT, if it's not configured properly, can be less secure. So, all of a sudden, you have this new access point that you didn't even think about, being connected to a satellite. And you can trace it all the way back to a satellite.
[ Music ]
>> Maria Varmazis: Yeah. It's so fascinating, as you're talking about these different sort of, I love the term vanilla attacks. Because no, it's a great description because it's one of those things like, there's sort of a, there's an allure to being in space. There's like the cool factor.
>> Buffy Wajvoda: Right.
>> Maria Varmazis: And yet these attacks can be very, for lack of better terminology, kind of unsexy. But it's just like, but it's...
>> Maria Varmazis: No, it's true. Space is now vulnerable to you know, I know it's a bit cliché, but you know, it's vulnerable to like the 15-year-old you know, kid who wants to be a hacker and have his name known, or her name known, right. Because these are attacks that you can use across any layer of the network.
>> Maria Varmazis: Absolutely. And it's, I'm so glad that you've laid out that landscape for us. So, thank you. So, we've spent some time talking a bit about sort of, the current situation. And it's like oh, this is so much big challenges. So, let's completely switch gears. What is AWS doing to innovate here and help secure customers?
>> Buffy Wajvoda: So, AWS I think, is uniquely positioned to help our space customers understand, identify, and automate the mitigation of space cyber threats. So, AWS has over 300 security services. We support 143 different security standards and compliance certifications. And we can provide customers to thousands of third party security solutions, that are already deeply integrated with our services. So, that is all to say that AWS is trying to make security easy. And so, what customers are asking us for, is easy and actionable security services, so that they can manage their cyber threats. In addition, I would say that AWS' scale allows for a significantly more investment in security counter measures. So, for example, at the end of August, AWS security teams noticed a new type of cyber threat, a new type of HTTP request that was flooding our customers. And we were able to mitigate that for all of AWS customers. Because we're continuously looking at our own infrastructure, and trying to booster, bolster security for all customers. I think AWS is doing a lot in terms of innovating in how we think about security. So, the hot topic for a lot of industries right now is, AIML and generative AI. So, we work closely with a lot of customers to use these technologies to develop new cybersecurity solutions, and introduce the new part of generative AI. So, one of those customers is CrowdStrike.
>> Maria Varmazis: Let's dive into CrowdStrike, what they've been doing. Can you tell me a little bit about what's going on there?
>> Buffy Wajvoda: Yeah. So, CrowdStrike has developed a generative AI security analyst called Charlotte AI. Which is able to help customers quickly react to new threats and speed up investigations. And this is all being powered by Amazon Bedrock. So, Amazon Bedrock, if you're not familiar with that, it provides easy API access to a bunch of foundational models that we have stored in the cloud. So, we have foundation models from the top startup companies. Which usually encompasses like, large tomes of information, puts it in a model, vectorizes it and then allows customers to use the creative power of generative AI. And Amazon Bedrock provides customers easy API access to those foundational models. So, in the case of CrowdStrike and Charlotte AI, they're using Bedrock to use natural language processing for threat detection, investigation, hunting, response, all using the CrowdStrike Vulcan platform.
>> Maria Varmazis: Wow.
>> Buffy Wajvoda: So what does this, yeah, what does this mean/
>> Maria Varmazis: Yeah. What does that look like? I'm really curious, yeah.
>> Buffy Wajvoda: Yeah, exactly. So then, so people who are using Charlotte AI, so customers who are using Charlotte AI can ask security questions of the platform. Like, what are the biggest risks facing our business-critical assets? Or what threat actors most often target us? So again, it's that natural language processing, rather than trying to do a complicated let's say, database query, or even if you have something like a dashboard drawing all the lines to the security processes. Now customers can just ask natural questions. Like, did I have a cyber attack yesterday? And Charlotte AI will be able to answer that.
>> Maria Varmazis: Wow.
>> Buffy Wajvoda: So, the actions that they receive are intuitive. And then it also provides actionable answers on ways to mitigate those risks.
>> Maria Varmazis: Wow.
>> Buffy Wajvoda: In addition, when you think about like, all of the training that security analysts have to go through, it also allows your most advanced security analyst to work on the most advanced problems.
>> Maria Varmazis: Yeah.
>> Buffy Wajvoda: Because now anyone can do sort of the basic like, where is my security stance today?
>> Maria Varmazis: Yeah.
>> Buffy Wajvoda: And so, all of that being powered by Amazon Bedrock, and our financial models, we're super excited about that. And you know, we hope that this solution that CrowdStrike has made helps all industries, including the space industry.
>> Maria Varmazis: That is such a cool story. Cause I can absolutely see, I've been in those meetings where you've got like a C level executive asking those exact questions.
>> Buffy Wajvoda: Right.
>> Maria Varmazis: And that usually takes a ton of work. And a ton of time to answer that. It's a lot of digging. And being able to give that, or actually better yet, being like here you go. Here's a tool you can actually use.
>> Buffy Wajvoda: Well, that's why I say. So now, you know, not to you know, not to belittle the skillsets, but you know, not all C level individuals are at a you know, technical level that is on par with everybody else. And so now, C level individuals who are probably very, very busy in their day can say, how many attacks did I have yesterday?
>> Maria Varmazis: Yeah.
>> Buffy Wajvoda: And you'll get an intuitive answer.
>> Maria Varmazis: That's amazing. And it's not within, and I don't mean it in a mean way, a walled garden. It's like just, security analysts are super busy people. So, they know that those requests are very important. But sometimes they're literally fighting a fire. And they may not be able to get...
>> Buffy Wajvoda: And then another fire pops up.
>> Maria Varmazis: And then another fire, exactly. That is really game changing. I'm not, I don't want to undersell that. That is huge. Just that accessibility information. So, yeah. Here I am fangirling about how cool this sounds. But I'm very curious what you've heard from security analysts about what they think about all this?
>> Buffy Wajvoda: One of the things that we often hear from security analysts, in terms of getting information out to the workforce, is that they are reluctant to give all of the information to the workforce. Because it would inundate the workforce.
>> Maria Varmazis: Yeah.
>> Buffy Wajvoda: When you look at the amount of cyber-attacks, DDoS attacks, like possible failed logins, all of it. It inundates people.
>> Maria Varmazis: Yes.
>> Buffy Wajvoda: And while they want to be transparent, they also don't want to paralyze the workforce, right.
>> Maria Varmazis: Yes.
>> Buffy Wajvoda: So, here again, generative AI and natural language processing just makes this all way more accessible but also way more actionable. Anyone can be a security analyst.
>> Maria Varmazis: It's just, but also like, people who have a gajillion things to do. And again, they're usually fighting lik e20 million fires at once. But that information is also so important for a lot of people. They need to know. They need to have a sense of the company's position on something. Or you know, how vulnerable are we? And it lets people who have a specialization do more of that. Whereas, the general information gets where it needs to go. I'm just, that's incredible.
>> Buffy Wajvoda: Okay. Anyone, you know, ranging from you know, people who are new at a company to executives, will be able to ask you know, very simple, very intuitive security questions, get the answers that they need, and then your highly trained security analyst will be able to work on the most critical problems. Rather than you know, honestly just working on data gathering.
>> Maria Varmazis: Yeah. And like running reports, which is the last thing they usually want to be doing.
[ Music ]
So, let's talk a bit about innovation. Because security is a field where we always have to stay on top of what's going on. We got to try and stay one step ahead of the adversary. Innovation is so important. Innovation is also what space is all about. So, what is AWS doing in terms of innovation for cybersecurity in space?
>> Buffy Wajvoda: So, for AWS, security has always been the top priority. So, AWS has been looking at security since 2006. And I think I mentioned before, AWS now has over 300 security services. And we continue to add more. So, at AWS, 90% of our roadmap comes from customer requests. So, as we talk to more and more customers, we get the feeling of what they need. Whether it is bringing on more analysis, more analytical tools. Whether it's bringing on more mitigation. Whether it's bringing on more dashboarding. And again, sort of that you know, ease of security. So, that's you know, our bread and butter at AWS. One of the things that we recently launched was AWS security data link. So, now customers can have a central location to put all of their security information. And be able to see it with a single pane of glass. And that may seem so easy, but when you look at companies where you have finance, you have HR, you have operations, you have maintenance, those often are stove pipes across the, you know, the customer segment. And so, getting everything together to make a single pane security picture, is really, really powerful. In terms of space itself, you know, AWS is working with customers and innovating alongside customers to use the tools that we have, and to use the partner network we have, like the CrowdStrike example that I just gave, to allow customers to secure their space assets.
>> Maria Varmazis: I'd love to know about the people side of things. Because that's always a challenge, especially in cybersecurity and in space. So, when we kind of bring the peanut butter and chocolate together, it's like better together, but also really hard to find folks who can sort of make that magic happen. So, thoughts on that, about finding those folks, bringing them in and getting them up to speed.
>> Buffy Wajvoda: First off, we do peanut butter and Nutella at my house. So, if you haven't tried that, I highly, highly suggest that.
>> Maria Varmazis: Sounds, yeah. [laughter]
>> Buffy Wajvoda: In terms of you know, spinning up a security savvy workforce, AWS is broadly committed to working with our customers, our partners, and governments to improve cybersecurity. So, some examples of that are just upscaling. AWS is dedicated to the upscaling of the [inaudible] community, throughout all of the industries, to become successful on AWS. So, examples of that are our AWS Cloud Institute. A new program that we just launched where one can become a cloud developer, in as little as one year. AWS educate with hundreds of free hours of training online, or the AWS Skills Institute. So, at the end of the day, AWS is investing hundreds of millions of dollars to grow our customer's technical skills. The second thing is how we actually shape the security market itself. An example of that is how AWS cofounded the Open Cybersecurity Schema Framework project. So, that facilitates the interoperability of data normalization and security products. So, basically all the security products can start talking to each other and inform each other. And through that program, we've actually made an initial commitment of $10 million, in a variety of open-source security improvement projects. And then the third thing goes along with you know, the size of Amazon, and the scale of Amazon. So, AWS has the ability to work with governments around the world, to provide innovative solutions to advance shared goals for bolstering security against cyber and combating security risk.
>> Maria Varmazis: Fantastic. That's great to hear. And it is such a pressing need. And we need all hands on deck, frankly. So, that's wonderful to hear that AWS is doing all of that. I would love to know what your call to action would be for the space community, in terms of maybe not just improving their understanding of the need for cybersecurity, but also empowering them.
>> Buffy Wajvoda: So, first off, I would challenge anyone who's listening to this, to expand their thinking around what is the space community or the space industry. So, AWS, and I personally work with many customers who are essentially space companies. Not because they have a satellite in orbit, but because of the valuable insights that they get from space. So, whether you're the oil and gas industry, the financial industry, the government, insurance industry, I would say that these industries are all space industries. And because space is such a critical part of so many industries, the time to secure space is now. Second thing that I want to recap would be that cyber-attacks are not a question of if, but when. Cyber is going to happen. So, specifically for space, relying on the old school isolation air-gap of space is not going to be enough to secure space. Especially if space becomes more interconnected with our terrestrial networks. So, again, the time to get those cybersecurity plans in place is now.
>> Maria Varmazis: So let's, let's pivot to the future of cybersecurity in space. It's very hard to predict where things are going. But I would love to know your thoughts on where you see things going.
>> Buffy Wajvoda: I think that, well one, the obvious that cybersecurity in space is a paramount thing to look at, to fix, to really bring to the forefront of every business. But for me in particular, I see that as space becomes more interconnected amongst itself, right. So, satellites talking to other satellites. Satellites talking to space stations. And then becomes more integrated with our traditional terrestrial networks. And whether that is just connecting to our fiber backbones, or you know, specific sort of service level connections. For example, satellite helping and bolstering a 5G network. Once those connections are more and more, the cyber threat to space is going to become more and more. And so, if I were to look into my crystal ball, I would say that we have you know, a few examples right now of, a few major examples right now of say, blackouts over Ukraine or GPS spoofing. But they are you know, maybe at least the bigger examples are not, hasn't, the bigger examples hasn't inundated the press, like we have seen with the terrestrial examples.
>> Maria Varmazis: That's true. Yep.
>> Buffy Wajvoda: I think that in a number of years, take 5, 10 years, I think space cyber-attacks are going to be a normal part of news. So, space is going to become more ubiquitous. Everyone is going to be using space, whether they know it or not, you know. Major telecom providers have already invested in radios for smartphones. So that if you are out of distance from a terrestrial tower, you will automatically be passed over to a satellite connection. And as a user, you won't even know it. You'll just seamlessly move from terrestrial to satellite, back to terrestrial, and you'll never know it. And as more and more of that just becomes just every day behavior, you're going to have more and more high profile cyber-attacks in space. And it's going to become a large part of the media. And my hope is that before it becomes such a large part of the media, and such a large part of you know, I guess, commonplace, that space companies are proactive in developing their cybersecurity plans, using tools like the ones on AWS or through our partner network. And making sure that they have those security plans and mitigation protocols in place now.
>> Maria Varmazis: So, Buffy, tell me a bit about AWS Reinvent and what the AWS team is going to be sharing with us there.
>> Buffy Wajvoda: AWS Reinvent of course, is the biggest AWS conference of the year. And we are super excited to have customers of all industries come and join us. Whether you are VPs, decision makers, users, or just interested in AWS. Please come to Reinvent in Vegas. For the space side, we actually had 8 sessions dedicated to space, a workshop, and 3 booth demos. So, a lot of investment in space, and a lot of ways that people can come and learn what AWS is doing in the space industry. And also be able to listen to customers like Viasat, United Launch Alliance, Iridium, and SkyWatch, on how they're using AWS to advance the space industry.
[ Music ]
>> Maria Varmazis: And that's it for AWS In Orbit, episode 2. Buffy Wajvoda and securing the space frontier with AI cybersecurity solutions. A special thanks to Buffy Wajvoda for joining us today. For additional resources from this episode, check out our show notes at space.n2k.com/aws. If you want more of this content, consider attending the AWS Reinvent conference, from November 27th to December 1st in Las Vegas, Nevada. You can learn more at reinvent.awsevents.com. This episode was produced by Alice Carruth and powered by AWS. Our AWS producer is Laura Barber. Mixing by Elliott Peltzman and Tre Hester, with original music and sound design by Elliott Peltzman. Our executive produce is Brandon Karpf. And I'm Maria Varmazis. And tune in for a sneak preview of episode 3, accelerating innovation and investment at the space edge, on December 5th. Thanks for listening.
[ Music ]