SpaceWatch.Global An independent perspective on space
By Meidad Pariente
In the Seventh episode of Space Café Israel, Meidad Pariente is in conversation with Ram Levi.
Can you share something personal that isn’t written in your LinkedIn profile?
Well, I have many secrets, but I’ll share one with you. When I was a major in Israeli intelligence, I participated in a contest called the IDF commander’s gourmet cooking contest. And I won the first and I won first place. They promised the television channels that the winner would be on television. But since I was in a classified unit at the time, they could only show my shoulder. So there was a photo of myself holding my dish and only seeing the shoulder with my ranks in the newspapers. And that’s pretty much the secret I’m sharing with you right now. I wouldn’t call myself a chef. I like to cook, and I like to host. So if any of you are coming to Tel Aviv, I promise that I’ll take you to good restaurants. And maybe I’ll cook you dinner. And then we’ll have a nice party on the fascinating nights in Tel Aviv.
You can find the recipe for my winning dish at the end of the article.
You started your career way back when cybersecurity was more science fiction. Why did you choose to pursue this path?
Well, I would say that the path chose me. It was kind of an evolution rather than a revolution in terms of my professional career. I served in Israeli intelligence, where we did a lot of stuff regarding information security and in Information Operations. When I retired from the military, I approached the Israeli Space Agency with a partner of mine from the IDF. And we told them that there’s almost no research in Hebrew. Concerning space security. We understand computers, and we understand cyber. We did do a little bit of work regarding space security. In the intelligence corp, we wanted to create more literature, academic literature around space security. So that led me to work as a research fellow at Tel Aviv University. And then, you know, I was in the right place at the right time. That year, the President of Israel asked my professor to write the Israeli space policy. So you know, what professors do? they call their students to write it for them, so I, together with my colleague. Professor Deganit Paikowsky wrote the policy, which was approved by the President. That led to the huge funding of many space programs in Israel. And then, a year later, the prime minister called my professor and asked him to look into some recommendations that were coming from the intelligence corp regarding the necessity of cybersecurity. And when we left the meeting with the PM, my professor told me he could not recommend it without a National Committee. That was the evening when we decided that we needed a National Committee, he appointed me to be the secretary of the committee, and that committee was responsible for creating a space cybersecurity policy. We passed government resolution 3611, establishing the National Cybersecurity directorate in the prime minister’s office in 2011. And then, I moved to the Israeli National Committee for cybersecurity research and development. So one thing led to another, and then I decided that it was time to open my own business. And I founded Konfidas, which is a cybersecurity consulting company. I joined later the IUAI (International Union of aerospace insurers), it’s a union of all the insurers and reinsurers that insure everything that flies or launched, and it’s been launched in under a cyber security adviser, because we are dealing with cyber aspects of aerospace. And then about two years ago, we started a new company, with the Israeli shipping company focused on cybersecurity in maritime and logistics around the world. So we’ve worked with ports and terminals in the US, huge logistic companies in Europe, in Singapore, and all over the world..
small to medium businesses are the main target of hackers. Why? because they’re easy targets. Most of them are not secured. Most of them don’t even realize the risk that they’re in. cyber hygiene is like cleaning your house, which means you have to do patch management, making sure that all the software’s up to date. Software that is not up to date is a hole in your company’s cyber security.
Some might think that cyber threats to space assets are more science fiction than science fact. Can you share some use cases of cyber attacks on space assets?
There actually quite a few interesting events that happened over the last 30 years. Interestingly enough, one of the first events that happened in regard to space was actually in 1989. Everybody knows Julian Assange, from WikiLeaks. So Julian Assange was living back then in Melbourne, Australia, and his mother was a kind of a Greenpeace freedom fighter. Everybody was scared, back at the time. It was a few years after the Challenger explosion, and NASA was supposed to launch a satellite into space with a nuclear engine. They (Greenpeace activists – m.p) were afraid that if there will be another explosion over Florida, that will create a huge nuclear disaster, so they were protesting in front of the US Embassy in Australia. Julian told his mother that protests are just doing nothing, and he will take care of it. He hacked into the NASA Headquarters and used a computer virus called WANK (Warns Against Nuclear Killers), which destroyed the ground control computers of NASA. He actually caused a delay in the launch. The satellite was launched just a few months later, but there was a delay in the launch. So this is, I think, the first known attack against a space asset. Since then, we saw actually quite a few attacks. Most of them, by the way, are not against the satellite itself, but the service of the satellite, for example, Iran was trying to attack BBC TV broadcasting. In the recent war between Russia and Ukraine, the day that the war broke out, Russia attacked ViaSat. And they caused a disruption of about 40,000 terminals of ViaSat. Those terminals were used in Ukraine, for communication of the military and the police, but also used to command and control turbines in Germany, and for communication in Poland and France. There were also other events. In 2007 and 2008. China allegedly broke into ground stations of two US satellites that were controlled from Spitsbergen in Norway, they actually managed to gain control of the satellites command channel. They didn’t take over satellites, but they could, according to reports published a couple of years after that. And another interesting event, which we know is the alleged attack against the satellite called ROSAT. That was a joint site that between Germany, UK and the US, and nobody really knows, but there’s one theory that someone took over the command and control of the satellite, and change the direction of the satellites toward the sun and burn the filters. That was in 1998. So there are events. But I must say that most attacks that we know of are actually attacks for the purpose of intelligence. Because ground stations are very good hub for communications. So if you gain control of the ground station, you actually gain control of a lot of communication. Sometimes it’s not encrypted. So it’s a very good source for intelligence agencies. If you remember a few years ago, there was this huge leak of what the NSA is doing. One of the leaks, they actually saw that the NSA and the GCHQ hacked a ground station in Germany. And they had full mapping of the ground station, including IPs, administrative passwords, and they used it for intelligence. When they showed the technicians in the ground station, how deep they (the NSA – m.p) were in the ground station, they were shocked because they knew about the ground station more than the people who operate it. Those things happen all the time. It’s not science fiction, it’s actually a reality. It’s a sad reality, and we should do something about it.
You were one of the first people in Israel to connect the dots between space and cyber security. Do you feel a wind of change in the approach of the space industry regarding cyber threats?
While there is a wind of change, it’s not a hurricane. It’s a nice wind, It’s a breeze. It’s a 50 knots breeze, not more than that. I think the awareness is there. But I think most companies are not doing enough. They’re just simply not doing enough. And when I say enough, I mean the basic stuff. The basic stuff like cyber hygiene, proper password, two-factor authentication, putting endpoint protection on your computers, making sure that your databases are encrypted, and making sure that you have the right privileges for the people who are using the systems. You know, the basic stuff, I’m not even talking about dealing with nation-state attacks, just the basic stuff is still not there. I would say not in the way that we would expect in 2023. So,.
Resent network architectures, such as Starlink, are based on Linux operating systems. Do you think this progress is a vulnerability?
With every progress, there are new vulnerabilities. It’s a very, very simple equation. So the answer is absolutely yes. Because once we start using IP infrastructure, which is very good, by the way, we’re now opening ourselves up to IP infrastructure attacks, denial of service attacks, routing attacks, DNS attacks, and using vulnerabilities to take over devices. There are new possibilities (for hackers – m.p). What the other side (the operators – m.p) needs to do is to apply mechanisms to reduce the risks from those attacks, which we have, by the way. We have different types of firewalls, we have best practices for how we harden different types of operating systems. We know that patch management is critical when it comes to protecting every digital asset, because a vulnerability is a bug in the software that can be used for an attack. So we know that patch management is something that can reduce the attack surface. We have mechanisms for reducing the attack surface by closing down the surface that can be used for an attack. We know how to find anomalies in networks, and there are many best practices that we already know, from almost 20 or 30 years of experience that can be applied to reduce the risks of attacks from those infrastructures.
What do you think the Israeli space industry will look like in 2050?
It’s a good question. Thank you. When I say good, I mean, it’s a very difficult question. Israel usually shines in areas that are strongly connected to what we need in terms of security. If there was a very strong security need, that’s where Israel will shine. So we have very good technological sector, we have very good high tech because it’s very connected to the defense establishment. Because you need a lot of money for space, it’s not three people sitting in a garage, developing a cloud application, you need a lot of money. And big money comes usually from governments. I would say that in 30 years from now, space will be weaponized. We will see weapons deployed in space to assist in warfighting on planet Earth. We will probably see very immense, very impressive ways of negating space abilities in space. I wouldn’t like to see any of that, because I think it will be very bad for humanity. It’s like one step before our extinction. So I would like to see more people in space, actually, more space tourism, more people going to the moon, more people on the way to Mars and other planets in the solar system. I would like to see people leaving the solar system, which I don’t know how we’re going to do with the current capabilities that we have. But that’s what I would like to see in 30 years from now.
Ram Levi, Founder & CEO of Konfidas – Cybersecurity & Crisis Management Company. Ram is an award-winning cybersecurity expert, public speaker, and advisor to global organizations on cybersecurity, cyber crisis management, and national cyber policy. Ram is also a Co-Founder and Director of Cyberstar – a ZIM and Konifdas company providing cybersecurity solutions for the Maritime sector, an Adjunct Professor at the Interdisciplinary Center (IDC), Herzliya, and the Cybersecurity expert for the International Union of Aerospace Insurers (IUAI).
In 2021 Ram served as the secretary of the Prime Minister of Israel’s National Cyber Initiative Task Force that spearheaded the government resolution on establishing the National Cyber Bureau. He later served as the cybersecurity advisor to the Israel National Research and Development Council.
Co-authored the Israel national civilian space policy (2010) as a member of the Israel National Committee for Cybersecurity Research and Development and as a Senior Fellow at the Yuval Neeman Workshop for Science, Technology and Security, Tel Aviv University, and as a Cyber Expert for the committee for Internet and New Media at the Israel Lawyers Association;
Ram holds MA (Cum Laude) from Tel Aviv University (thesis on Cyberattack of Space Systems), a bachelor of the International Space University (ISU/SSP), holds a degree in Computer Scienceת and is trained in the elite IDF “Mamram” Programming School.
Ram retired with honors as a Major in the Israel Intelligence Corps. He was recognized for his professional and personal contribution to the cyber community by the Israeli Chamber of Information Technology and won the Ilan Ramon Scholarship. He is particularly proud of winning first place in the IDF gourmet-cooking contest.
“Solomon Dumplings” By Ram Levi
Ingredients:
- 1/2 kg of flour
- 2 tablespoons of baking powder
- 300 ml lukewarm water
The filling:
- 300 grams of finely chopped turkey breast
- 2 large chopped champignon mushrooms
- 2 chopped wild mushrooms
- A handful of finely chopped mint
- A handful of finely chopped cilantro
- 1 tablespoon soy sauce
- 2 tablespoons of oil
- 4 chopped green onion stalks
- 4 chopped cauliflower florets
- Salt
- Pepper
- A pinch of Shata pepper
Dipping sauce:
- 3 tablespoons of silane
- 3 tablespoons of soy sauce
- 1 tablespoon lemon juice
Preparation:
- The dough: mix the ingredients of the dough. Wrap in plastic wrap.
- Roll out the dough and make pockets out of it.
- Mix the filling ingredients and fill.
- Steam the dumplings for 15 minutes.
- Mix the sauce ingredients and pour over the dumplings before serving.
