Hacking the trusted relationship

Rocket Lab entered “hero mode” to finish Mars probes—now it’s up to Blue Origin

https://arstechnica.com/space/2024/08/rocket-lab-entered-hero-mode-to-finish-mars-probes-now-its-up-to-blue-origin

BLUF: the headline plus this quote: “This wasn’t easy to make happen on this schedule and for this cost. So we’re very happy to be where we are.”

My understanding as a not-space guy is that getting a satellite into orbit requires a myriad of different companies and organizations who all have to be able to collaborate. This article discusses a recent example of a Blue Origin launch wherein the vendor had to speed up their production process to make a timeline. Situations like this are when compromises have to be made – not necessarily nefarious compromises, maybe just going from perfect down to really good – and that creates opportunities that attackers might later exploit.

No single entity owns the whole process soup-to-nuts, and entities have to depend upon one another to always follow the highest standards. A vendor might not even make those sacrifices on the spacecraft itself; they might have just pulled people from other parts of the business because they needed all hands on deck for the spacecraft, and one of those hands could have been responsible for some piece of the cybersecurity of the vendor’s network itself.

This reiterates the crucial security component discussed in Hunter’s and my presentation and paper, which is to focus security on bottlenecks like those that exist between IT/OT and other types of networks, and between a company’s own network and any trusted partners’ networks. You don’t have to catch the adversary everywhere they are; if you can notice them going through one of a few places they must transit, then you can trace back to all they’ve exploited when you enter the expulsion phase.
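
A sketch of that chokepoint idea, added here as an illustration and not taken from the presentation or paper: it flags flows that cross a zone boundary outside an allowlisted conduit, then walks earlier flows backwards from the alerting host to list what needs scoping. The zones, addresses, ports, allowlist and flow records are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed zones, conduits and flow records (assumptions for illustration).
ZONES = {
    "it": ipaddress.ip_network("10.10.0.0/16"),
    "ot": ipaddress.ip_network("10.20.0.0/16"),
    "partner": ipaddress.ip_network("192.0.2.0/24"),
}
# The only sanctioned ways across a boundary: (src, dst, dst_port).
ALLOWED_CROSSINGS = {
    ("10.10.5.10", "10.20.0.5", 443),   # IT jump host -> OT historian
    ("192.0.2.20", "10.10.5.10", 22),   # partner support -> IT jump host
}
FLOWS = [  # (timestamp, src, dst, dst_port)
    (100, "192.0.2.20", "10.10.5.10", 22),
    (110, "10.10.5.10", "10.10.7.33", 445),
    (120, "10.10.7.33", "10.10.8.44", 3389),
    (130, "10.10.8.44", "10.20.0.9", 502),  # IT -> OT outside any conduit
    (140, "10.10.9.99", "10.10.9.98", 80),  # unrelated intra-IT traffic
]

def zone_of(ip):
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), "external")

def unsanctioned_crossings(flows):
    """Flows that cross a zone boundary outside the allowlisted conduits."""
    return [f for f in flows
            if zone_of(f[1]) != zone_of(f[2])
            and (f[1], f[2], f[3]) not in ALLOWED_CROSSINGS]

def trace_back(flows, alert):
    """Hosts with a time-ordered flow path leading to the alerting source."""
    inbound = defaultdict(list)
    for ts, src, dst, _ in flows:
        inbound[dst].append((ts, src))
    seen = {alert[1]: alert[0]}          # host -> latest relevant timestamp
    frontier = [(alert[1], alert[0])]
    while frontier:
        host, before = frontier.pop()
        for ts, src in inbound[host]:
            # Only flows that happened before the hop we are explaining.
            if ts < before and ts > seen.get(src, -1):
                seen[src] = ts
                frontier.append((src, ts))
    return set(seen)
```

Every host in the traced set is a candidate for review before expulsion, including the sanctioned partner conduit that the path started from.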