This is really a technical job
The Translation Bureau is a compilation team that focuses on technology, business, workplace, life and other fields, focusing on foreign new technologies, new ideas, and new trends.
Editor’s note: Not long ago, an audit report revealed NASA’s loopholes in network security, which made the public pay attention to the safety of astronauts and space stations. Although NASA refused to comment on this, we can still get the information from the relevant experts. This article is translated from medium, article author Wes O’Donnell, original title Is It Possible to Hack Into a Spacesuit?
Image source: NASA/JPL
In addition to missile silos and the US stock market, few other targets can be as hacking as spacecraft, bringing such attractive challenges to American enemies.
In fact, in June of this year, NASA published an audit document from the Office of the Attorney General of the United States, which showed that NASA’s Jet Propulsion Laboratory (JPL) was hacked in 2018. The hackers hacked into an unauthorized Raspberry Pi computer that was connected to a JPL server that they wanted to “explore” on NASA’s network.
The Johnson Space Center (JSC) officials worry that hackers may enter the communication system laterally from the server, interfering with the signals used in US space missions.
As of March this year, JSC has not resumed the use of all its communications data due to continued concerns about its reliability.
Black into NASA astronauts’ space suit
To be sure, the audit clearly shows that NASA has a large gap in ground security issues. But what happens once the manned space system in the orbit is invaded by hackers?
When astronauts walk in space, can hackers remotely access, for example, a spacesuit or an Extravehicular Mobility Unit (EMU)? This idea seems more likely to appear in JaMes Bond’s movie episode. However, in the United States, cybersecurity vulnerabilities have caught us by surprise almost every day.
NASA politely refused to comment on the matter, but several cybersecurity experts expressed their views on the matter, and their insights are instructive.
But if the “no tethering” approach is taken, the spacesuit will be battery powered, Cornelius believes that in this case, the spacesuit will not have any connection with the space station other than the radio.
He went on to say, “I believe that the structure of the extravehicular spacesuit is basically the same as it was 40 years ago. So the spacesuit itself is mostly mechanical and will not leave too much attack opportunity for the hacker. The worst The situation is to interfere with radio communications. Losing contact may make many people feel uneasy, but considering the amount of training that astronauts have to accept, I can’t imagine how much trouble this will cause them.”
InCyberDefense contributors and military information systems security officer Ed Hawkins II have long responded to our doubts. “Is NASA doing something stupid, such as designing a spacesuit that can be networked?” he asked. “If they do, they will be affected by the same vulnerabilities as computers.”
For example, if the vital signs of a spacesuit are remotely monitored and adjusted, then a potential attacker can control the spacesuit and potentially kill the astronaut. Or, if the spacesuit is connected to any onboard system, hackers may use the spacesuit as a vulnerability for countless attacks at the same remote conditions that appear at the beginning of the article.
It is clear that such large-scale discussions are certainly not what NASA or the international space community would like to see, because that would put the life of the astronauts at risk. For the same reason, if NASA does take similar steps, the attacker must gain local access to the control system or install a remote connection on those systems. But in this way, all the information of the attacker will be clearly seen by the monitoring system.
Invasion of the International Space Station
Although spacesuits can be difficult to crack, other mission-critical components? Even the space station itself? After all, the International Space Station is clearly undermined.
Image source: NASA/JPL
On this issue, Cornelius said: “The organization and connection of the space station control system is a much larger unknown. I don’t know how old the various control systems on the space station are, nor the connection between these systems. On the one hand, some systems may have been designed in the 1980s, and the security is very poor, but there are few connections between them. But because they are constantly updating the space station, there will be some components that are designed later. It will be safer and more closely related to each other. I suspect that the connection from the ground does not have much command authentication. Determining how to send instructions to the space station may require some research, but this is only a matter of time. Once the space station receives these instructions The interconnectivity of the system determines the difficulty of malicious operations on the space station system. An example of a system that directly affects the extravehicular activity is the robotic arm, which can be controlled from the ground.”
A unique challenge of the
space station is that its equipment rarely has any spare parts. Because the cost of manufacturing equipment for space applications is so high, researchers lack a fully representative system for experimentation, which increases the difficulty of finding vulnerabilities.
This is not unreasonable. When I visited Grimm’s Michigan factory last year, I witnessed a fully functional car system model designed to protect your most expensive mechanical item: the car.
According to Cornelius, using remote controls, such as controlling the robotic arm, is much easier than identifying remote exploitable vulnerabilities in the space station control system.
All-round consideration of vulnerabilities
Consider these vulnerabilities to ensure that these critical assets are able to withstand large and complex attacks from other countries or organizations.
In today’s world, cyber attacks are increasingly dangerous and complex. At the same time, civilian hackers always want to expand their capabilities beyond more and more challenging goals.
The future NASA system design must take into account security. Although NASA’s main task is to expand the scope of human knowledge in space, it is better to take its eyes off the universe to pay attention to itself, to ensure the security and reliability of its own systems, and to always walk in the discovery of vulnerabilities. Hacker front.
Translator: Xitang