NASA issues guidance on space cybersecurity
A proactive response to growing security threats in the aerospace industry
NASA has released a manual for cybersecurity in space, designed to protect against growing vulnerabilities in the aerospace sector. The guidelines recommend continuous risk monitoring, application of domain separation and least privilege principles, as well as rigorous authentication of personnel and software.
NASA has introduced a fundamental innovation for the aerospace sector: a manual of best practices for cybersecurity in space. The goal is to evolve from static security methodologies to a dynamic approach. The document shares NASA flight design language with National Institute for Standards and Technology (NIST) safety controls, specifically the SP 800-53 catalog.
Adaptation and protection for the space sector
According to the Space Agency, the new guidelines will serve to facilitate the adaptation to increasingly integrated and interconnected operational information and technological systems, for both government and private missions. The manual is a response to growing vulnerabilities in the space domain, as demonstrated by the attack suffered by Viasat following Russian operations in February 2022.
Safety principles recommended by NASA
The guidance recommends that organizations continually conduct mission security risk analysis and response to proactively address threats. It highlights the importance of applying domain separation and least privilege principles to mitigate supply chain attacks and other operational vulnerabilities.
Access management and IT security
NASA warns that attackers can exploit ground-based systems to gain unauthorized access and maliciously interact with space vehicles and operations, so ensuring authentication and authorization of personnel and software is crucial. A mediated access mechanism is recommended to prevent unwanted access to critical subsystems of the space segment and to improve security log management.
Follow us on WhatsApp for more pills like this12/27/2023 02:18
Marco Verro