Culture / Security / Technology

In Space, You Might Still Need Two-Factor Authentication

25 Jul 2021 7:00am, by

international_space_station.jpg

Last Tuesday Amazon founder Jeff Bezos (and three traveling companions) flew to the edge of outer space. Nine days earlier, Virgin Galactic founder Richard Branson (and five traveling companions) did the same.

But for 20 years there have been crews of people living there, drifting far overhead in the largest artificial object ever constructed in space. As we celebrate this month’s technological accomplishments, some are also remembering the hard-working astronauts on the International Space Station, who since the year 2000 have been leaving planet Earth for months at a time.

Last month, a cybersecurity conference even arranged for two Russian cosmonauts to beam audio and video footage of themselves down to earth for a live interview.

A ‘Rather Special’ Conversation

The conversation took place as part of a security event known as Cyber Polygon, described on its website as “an international capacity building initiative aimed at raising the global cyber resilience and the expansion of intersectoral cooperation against cyberthreats.” It’s an initiative from BI.ZONE (a Moscow-based cybersecurity solutions provider, which is, in turn, a part of Sber, a state-owned Russian banking and financial services company) — but with support from the World Economic Forum’s Centre for Cybersecurity.

The two-track event had included a technical training track about deflecting targeted supply-chain attacks, which attracted participants from 29 different countries, one event host announced later. And they’d come from more than 200 organizations, including major finance and tech companies as well as law enforcement agencies and other public institutions, according to a report from the security-news site Threatpost. But Threatpost also noted that over 7 million viewers (from 78 countries) had tuned in for the online discussion track featuring appearances by Apple co-founder Steve Wozniak, Interpol Security-General Jürgen Stock, Microsoft chief security advisor Roger Halbheer, as well as speakers from the Red Cross, MasterCard and Visa.

And when it was time to interview the cosmonauts, host Alexander Tushkano called it a “rather special” conversation.

Pyotr Dubrov (left) with Oleg Novitskiy during ISS interview for Cyber Polygon 2021 (screenshot via YouTube video)

Cosmonauts Pyotr Dubrov (left) and Oleg Novitskiy, during the Cyber Polygon interview.

There seemed to be conscious attempts to tie the discussion into the themes of Cyber Polygon. Since this was a cybersecurity conference, it was natural to ask the cosmonauts how the Space Station handled security for the hundreds of terabytes of data they’re processing and transmitting to earth. Cosmonaut Oleg Novitskiy called it “a very interesting and highly relevant question, truly” — but it turns out their practices have a lot in common with any organization: following the security protocols set by their IT department, and using encryption where necessary.

“We are mostly here to execute the rules that we have for data transmission, data exchange,” Novitskiy said. “Of course we have our closed, secure communication channels where we, for example, discuss the health of the crew members. This is the channel that we use most frequently. A lot of information that is protected at the station, at different stages of our work, we use special software for that — specialized, certified hardware.

“To transmit data, we use special crypto-encryption, so even if this technical information is intercepted, it is highly unlikely that it will be deciphered. So this level of information security, at the station and in our communication channels, I think is very, very high.”

Although there are, of course, other challenges. At one point, interviewer Stanislav Kuznetsov said “It is very unusual to see the microphone just flying around you.”

Waving with floating microphone between Pyotr Dubrov (left) with Oleg Novitskiy during ISS interview for Cyber Polygon 2021 (screenshot via YouTube video)

International Cooperation

Kuznetsov is the deputy chairman of the executive board of the state-owned Russian banking/financial services company SberBank — and another theme emerged that both he and Tushkano, the event’s host, wanted to emphasize.

“One of the key messages of Cyber Polygon is that governments and businesses need to cooperate globally to be successful in the fight against cybercrime,” Tushkano said in his introduction. “Ironically, people seem to cooperate better in space than they do on earth… This is what it should be like in cybersecurity.”

And in a later question to the cosmonauts, Kuznetsov called the Space Station “the result of the labor of many, many countries and stakeholders … the representation of the earth in space.”

Indeed, NASA has called the International Space Station “as much a human achievement as it is a technological one — how best to plan, coordinate, and monitor the varied activities of the Program’s many organizations.” The agency noted its principal operators are space agencies from five different countries: the United States, Russia, Europe, Japan, and Canada. (And it’s been visited by astronauts from 18 different countries.) So Kuznetsov ultimately asked: Are there also joint projects, involving collaboration between more than one nation, as part of ensuring that the station’s data is secure?

And Cosmonaut Pyotr Dubrov responded affirmatively. “Of course such a big, complex project as the International Space Station cannot be built and maintained without very tight cooperation between all parties, all countries. And of course, there are special working groups that monitor everything related to security — information security in particular. They’re based in different countries, and they regularly communicate. They conduct regular training, conferences, webinars, tests. And all the issues that they work on are then executed as guidelines, instructions, that are then transmitted here on board, and we try to follow all those guidelines, all those recommendations, to secure information at the Station.

“And of course there is a lot of backup and duplication of information to ensure secure processing of data during the flight.”

There were also some references to their more everyday technologies. Novitskiy noted the equipment onboard had changed since his first 143-day flight into the Space Station in 2012, with more sophisticated systems, and he specifically cites the newer technologies bringing higher-speed internet as “very helpful in our experiments… They help us exchange information faster and in a more secure fashion.”

Dubrov said the Space Station crew members were currently preparing for a long-anticipated module docking, and that they do, in general, implement a lot of new advanced technology, including “state-of-the-art tablets” (which they appeared to be holding in front of them) and “very advanced communication channels” with Earth providing both internet access and IP telephony solutions. (“Thanks to our partners…” )

Besides the tablets and tools helping them complete their tasks and communicate with the crews on earth, he said, “They help us maintain our psychological comfort during our tours.”

Interviewer Kuznetsov pointed out the active presence that Novitskiy has online and on social media, sharing from his own experiences and observations from high up in space. But speaking of security, has he ever had problems with online fraudsters or breaches of his own accounts? “Or can we be sure that cybercriminals will, under no circumstances, attack cosmonauts?”

The cosmonaut answered with a smile, “Well, it would be great if the hackers listened to you,”  adding “and actually, it would be great if they don’t attack anyone.”

But he acknowledged that “Obviously there were some attempts, some telephone calls. I haven’t experienced direct targeted hacks, because I don’t have any confidential information that would be interesting to them.” He has in the past gotten calls from scammers pretending to be bank employees, but there was no harm done, he said, calling it “quite obvious that these were criminals. ”

A Programmer in Space

Both men hold the rank of “test cosmonaut” — but from very different backgrounds. Novitskiy is a decorated military officer (a former Lieutenant Colonel in the Russian Air Force, where he’d put in more than 700 hours of flight time, according to Space.com)

But Dubrov is a former software engineer (according to a feature at NASA). So one of the most interesting moments came when Pyotr was asked about his background in information technology and programming. Did it help him in space — and did he ever write code? Now that he’s reached the Space Station on his very first flight, what role does a programmer and “IT guy” have to play?

“You know, I mostly focus right now on experiments, on technical maintenance at the station,” Dubrov replied. “So I only have some leisure time for my own things, things that I’m passionate about, but I don’t have that much free time right now.”

But it does seem like he has used his coding/IT skills a bit while in space. “I am trying to make it more comfortable, make it easier for the crew to work with some of our information resources such as our daily schedules,” he said. “I try to make those schedules more visible, more clear, more helpful in our work. I can’t really allocate that much time to those activities, but I hope Oleg appreciates what I’m doing, and I hope it will be helpful for all of us, and the crews that come after us.”

The interview closed with one grand final question from Kuznetsov: “What do you think will be the future of the planet?”

Novitskiy responded with a message that the conference was sure to be receptive to: “I think that the future of our planet should be secure.

“Everyone is working on that. All the technical specialists in the state agencies try to make sure that cutting-edge technologies are not used to harm people, and humanity in general.

“We do hope for the better future, and for the digital safety and security, and just the safety and security of humanity. This is what we would love to achieve on our planet.”


WebReduce

The New Stack is a wholly owned subsidiary of Insight Partners. TNS owner Insight Partners is an investor in the following companies: Bit.

Featured image via NASA.

A newsletter digest of the week’s most important stories & analyses.