European Space Agency: Come on, hack our satellite if you think you're hard enough
Space: The final frontier for cybersecurity
The European Space Agency (ESA) is inviting applications from attackers who fancy having a crack at its OPS-SAT spacecraft.
It's all in the name of ethical hacking, of course. The plan is to improve the resilience and security of space assets by understanding the threats dreamed up by security professionals and members of the public alike.
OPS-SAT has, according to ESA, "a flight computer 10 times more powerful than any current ESA spacecraft" and the CubeSat has been in orbit since 2019, providing a test bed for software experiments.
It is therefore the ideal candidate for l33t h4x0rs to turn their attention to, while ESA engineers ensure the environment is kept under control.
"The in-built robustness of OPS-SAT makes it the perfect flying platform for ethical hackers to demonstrate their skills in a safe but suitably realistic environment," explained Dave Evans, OPS-SAT mission manager.
- ESA promises to get back to would-be astronauts by the end of 2021
- ESA's Mars Express picks up plaintive bleeps of China's Zhurong rover, adding much-needed comms redundancy
- ESA's Solar Orbiter sails safely past Earth despite orbiting debris concerns
- Darmstadt, we have a problem – ESA reveals its INTEGRAL space telescope was three hours from likely death
Ideas need to be submitted by 18 February and the successful applicants will be given controlled, technical access to OPS-SAT during the April CYSAT conference. It'll be a challenge since teams will only have six-minute communication slots available with the satellite in which to unleash their creations.
Running code submitted by the public in space is not a particularly new concept – the AstroPi hardware on board the International Space Station (ISS) is a great example of such outreach.
However, the engagement with cybersecurity experts via the OPS-SAT demo will give space agencies an opportunity to learn what works – and what does not – from a security standpoint as satellites become ever more complicated and the surface area for attack grows.
Interestingly, ESA's announcement had originally been made a month ago and then hurriedly pulled. Possibly because the original title "Hack an ESA spacecraft" caused at least one of the agency's bosses to pass their morning caffeinated beverage through a nostril. Or, as an ESA insider put it, seek to "review" the emission. ®
- Black Hat
- Black Hole
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Hubble Space Telescope
- Identity Theft
- James Webb Space Telescope
- Kenna Security
- Palo Alto Networks
- Solar System
- Trusted Platform Module
- Zero trust