recommended reading

Air Force extends anti-leak tool to space system

Earth, as seen from a satellite image.

Earth, as seen from a satellite image. // AP file photo

The Air Force has connected part of its satellite communications system to a defensewide security tool that blocks classified data leaks, Pentagon officials said.

The feat is exceptional because the service’s Military Satellite Communications Systems team made headway on protections that the Defense Department as a whole has struggled to activate, and did so in an environment with more technical constraints.

The non-profit International Information Systems Security Certification Consortium, (ISC)2, on Tuesday awarded Steven Martin, an Air Force information assurance manager, with its U.S. Government Information Security Leadership Award for leading the effort. In only two months, his team of about five specialists linked a space mission network with the Host Based Security System, which, among other things, monitors removable data devices such as CDs and thumb drives.

The Pentagon is rolling out the security tool across the military’s Secret network in response to the 2009 uploading of thousands of confidential files to anti-secrets website WikiLeaks.

Martin’s group demonstrated that the technology, a McAfee product, can operate in a low-bandwidth environment and display the threat level of space system components -- all on one screen -- at the land-based Satellite Operations Center.

Space missions systems are closed networks, unconnected to the Internet, but still vulnerable to data corruption and unauthorized data transfers. For instance, an outsider could insert a CD with malicious code or download sensitive information onto a CD.

“We’re isolated, but we still get attacked,” Martin told Nextgov. “It could be an insider. You don’t know where the path of the attack can come from.”

At most military agencies, a central server pushes out security software to each network component at the same time. But disrupting machines associated with satellites, for system maintenance, was not an option.

Martin’s team had to work around the users’ schedules to avoid cutting off connectivity during critical operations.

Typically, “the standard configuration pushes updates systemwide on a schedule that can affect the 100 percent availability requirement for a space mission system,” he said.

So the specialists programmed the security tool to load software updates at different times for each system component, rather than simultaneously networkwide.

“You can’t interrupt the warfighter,” Martin said. “We support the guys in uniform and the gals no matter where they go.”

Personnel first installed the technology on a ground network used to communicate information about abnormal satellite activity, assess sensor performance and transmit spacecraft-tracking data. Within the next 18 months, the plan is to cover the networks supporting satellite operators and users.

The NATO force that fights Afghan insurgents is installing a similar anti-leak tool on its Secret network that, unlike the Pentagon system, also can detect unsanctioned data transfers through email, blogs and other network activity.

Space systems are frequently targeted by intruders. NASA reported 5,408 computer security incidents in 2010 and 2011 during which outsiders either installed malicious software or accessed systems. Some of the breaches may have been coordinated by foreign spies, according to the agency’s inspector general.

Separately, a foreign adversary may have meddled with U.S. satellites in recent years, federal officials revealed in fall 2011. Two unusual incidents involving signals targeting a U.S. Geological Survey satellite in 2007 and 2008 were referred to the Defense Department for investigation, USGS officials said. NASA also experienced two "suspicious events" with a Terra observational satellite in 2008, according to the agency. An annual report from the U.S.-China Economic and Security Review Commission characterized the events as successful interferences that may be linked to the Chinese government.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.