It’s hard to upgrade infrastructure, especially if it's related to space.
The U.S. Space Force, looking to up its security posture against cyber threats, has awarded a $17 million contract to cybersecurity company Xage Security, the company announced Wednesday.
The award shows a growing awareness that data in transit from Earth to ground stations is increasingly vulnerable to hacking, but also that some new popular enterprise cloud architectures don’t entirely fix the problem, the company’s CEO told Defense One.
The Russian attack on the Viasat satellite constellation in February of 2022, which knocked out communications across Ukraine on the eve of Russia’s renewed invasion, is “precisely the type of attack we'll be defending against,” Geoffrey Mattson, CEO of Xage Security, told Defense One. The attack didn’t target the satellites themselves, but the ground modems that pass the data. As entities like the Space Force rely more and more on combinations of different satellite and communications companies, the notion of securing them one at a time won’t keep up with the threat.
“The more we distribute our [data] across multiple commercial systems as well as, you know, federal systems, the more redundancy there is built in. But then, on the other hand, what you then have, potentially, is a distributed attack vector…As you do that distribution, it's very important that you have a uniform method of protection across the system,” Mattson said.
Big cloud providers such as Microsoft and AWS often say the move to enterprise architectures will fix those security gaps because the entire network is visible to an administrator at the hypervisor level. But Mattson say’s that’s not entirely true, especially in environments where older equipment is running out-of-date operating systems in the same network as newer ones. Most Fortune 500 companies don’t have problems like that because they can upgrade their equipment all at once and keep it up to date, but it can be a big issue for infrastructure providers, and for space companies that have to use hardware that can’t be easily upgraded.
“Public cloud in and of itself is the wild west side right now. Because there's just, there's so many ways to, you know, attack public cloud installations,” he said.
Xage offers an identity-based cyber security mesh to protect data. That mesh includes software solutions to continuously check whether every person on the network is who they say that they are (sometimes referred to as a “zero-trust” security model).
The company’s software also examines not just the identities of the users on the network, but also their behavior, and works as a checkpoint to limit access so users can’t access things they aren’t supposed to see.
“We look at the patterns that you need, communication that you need in your facility, we lock it down, right, and once we make sure that there is no unnecessary path for lateral movement in that system,” he said.
That’s useful not only for infrastructure security but also increasingly for intelligence environments where the United States has to share some data with foreign partners such as Ukraine. (The company said they can’t comment on specific security they may or may not provide to the Ukraine support mission.)
But the company also has actual security hardware, a ruggedized box that can attach to pieces of equipment that can’t easily be upgraded through software. “In an hour, you have complete control over who accesses your equipment,” he said.