Dave Buettner
You're listening to the Cyberwire Network powered by N2K.
Maria Vermazes
The FCC looks to counter Chinese cyber threats. There's turmoil at CISA. Volt Typhoon infiltrates a power utility for over 300 days. Europe takes the lead at Ukraine's annual cyber conference. Facebook discloses a critical vulnerability in FreeType. A new Android spyware infiltrates the Google Play Store. Our guest is Alvaro Alonso Ruiz, co-founder and CCO of Leanspace, discussing software in space with T-Minus Space Daily host Maria Vermazes. And a UK hospital finds thousands of unwelcome guests on their network.
It's Thursday, March 13, 2025. I'm Dave Buettner and this is your Cyberwire Intel Brief. Thanks for joining us here once again.
It is always great to have you with us. The FCC is establishing a National Security Council to counter Chinese cyber threats and maintain US leadership in key technologies like AI, 5G and quantum computing. FCC Chair Brendan Carr says the Council will focus on mitigating cyberattacks, espionage and reducing supply chain reliance on adversaries. It will be led by Adam Chan, a former House China committee lawyer. The FCC's role has expanded amid U.S.-China tech tensions, overseeing telecom security, drone certification and subsea cables. A key early focus is Salt Typhoon, the large-scale Chinese cyber attack on US telecom networks. The move aligns with broader US efforts like the CIA's China Mission Center to curb Beijing's tech ambitions. China's embassy dismissed the concerns, urging a cooperative approach to U.S.-China relations.
In a piece for Wired, Eric Geller makes the case that the Cybersecurity and Infrastructure Security Agency is in crisis due to mass layoffs and political pressure under President Donald Trump's administration. Employees report low morale, leadership failures and weakened cybersecurity efforts, making it harder to protect US infrastructure from cyber threats. Many critical staffers have been dismissed, and partnerships with international and private sector allies are unraveling. CISA's election security efforts have been suspended, and key AI and open source security programs are being dismantled. Employees fear political retaliation, and the agency's acting director, Bridget Bean, is accused of prioritizing Trump's agenda over national security. Restrictions on communication, frozen projects and uncertainty about future layoffs have left employees demoralized and overwhelmed. With adversaries like Russia, China and Iran ramping up cyber threats, former officials warn that CISA's decline could have dire consequences for US security and economic stability. Many fear worse is yet to come.
Meanwhile, CISA is cutting $10 million in annual funding for MS-ISAC and EI-ISAC, cybersecurity intelligence groups that help state and local governments defend against cyber threats. The move is part of broader budget and staffing cuts under the Trump administration. Experts warn that defunding EI-ISAC leaves election offices vulnerable to foreign cyberattacks, shifting costs to local taxpayers. Cuts are also undermining international anti-cybercrime efforts, including stopping Southeast Asian scam operations. Critics argue these moves weaken US cyber defenses, leaving critical infrastructure and elections exposed to increasing threats from nation-state hackers.
The states aren't taking the ISAC cuts lying down. Arizona Secretary of State Adrian Fontes is proposing Vote ISAC, an independent cybersecurity initiative for state and local election offices. The plan aims to replace EI-ISAC, which previously provided 24/7 threat monitoring and federal intelligence sharing. Without it, counties face a $45 million cybersecurity gap. Fontes has already reached out to states and stakeholders and plans to launch Vote ISAC as a nonprofit with support from public officials, philanthropy and private industry.
Chinese threat actor Volt Typhoon infiltrated Littleton Electric Light and Water Departments in Massachusetts, maintaining access for over 300 days before detection in November of 2023. The attack, discovered during Dragos OT security deployment, targeted operational technology data including energy grid operations and spatial layouts. Volt Typhoon, linked to Chinese espionage, is known for persistent access and data exfiltration. Dragos warns the group could escalate to stage two ICS attacks, potentially disrupting critical US infrastructure in the future.
Elsewhere, Chinese cyber espionage group UNC3886 is deploying custom backdoors on end-of-life Juniper Networks MX routers, which no longer receive security updates.
The backdoors, based on TinyShell malware, allow data exchange and command execution. Mandiant discovered the attacks in mid-2024, linking them to UNC3886, known for exploiting zero-day vulnerabilities in Fortinet and VMware ESXi. The hackers bypassed Junos OS security by injecting malicious code into trusted processes, circumventing Veriexec protections. This ongoing espionage campaign threatens critical networking infrastructure globally.
At Ukraine's Kyiv International Cyber Resilience Forum, Ukraine's major annual cyber conference, European allies took the lead amid diminished U.S. presence. Last year, the U.S. Department of State and top American cyber officials played key roles, but no Trump administration officials attended this year, highlighting geopolitical tensions between Kyiv and Washington. While Google, Cloudflare and CrowdStrike partnered with the event, only Mandiant's Sandra Joyce gave a keynote. Discussions focused on European-led cybersecurity strategies, with Ukrainian officials advocating for a collective European cybersecurity framework based on Ukraine's frontline experience. Ukraine formalized ties with the European Cybersecurity Competence Center, signaling closer European cooperation. Past US cyber aid, including software and funding via USAID, was acknowledged but largely absent from discussions. Ukrainian officials remain hopeful for future US cyber collaborations, though the State Department has reportedly halted funding for cyber diplomacy programs under President Trump.
Facebook has disclosed a critical vulnerability in FreeType, an open source font rendering library widely used in Linux, Android, game engines and GUI frameworks. The flaw, present in all versions up to 2.13, allows arbitrary code execution and is actively exploited. The issue stems from an out-of-bounds write when parsing TrueType GX and variable font files. While FreeType patched the bug in February of 2023, older versions remain at risk.
Developers are urged to update immediately.
North Korean threat group APT37, also known as ScarCruft, deployed KoSpy, an Android spyware that infiltrated Google Play and APKPure via five malicious apps disguised as file managers and security tools. Active since March 2022, KoSpy steals SMS, call logs, GPS data, files, audio and keystrokes. The malware evades detection by using Firebase Firestore and encrypted C2 communications. Google has removed the infected apps, but users must manually uninstall them or reset devices. Google Play Protect helps block known versions of KoSpy.
Coming up after the break, Maria Vermazes sits down with Alvaro Alonso Ruiz to discuss software in space. And a UK hospital finds thousands of unwelcome guests on their network. Stay with us.
Alvaro Alonso Ruiz is co-founder and CCO of Leanspace. He recently got together with my N2K colleague Maria Vermazes, host of T-Minus Space Daily. Their discussion centered on software in space.
Alvaro Alonso Ruiz
What I saw at the space industry is amazing. Especially there's this new space movement, a lot of new companies spawning, doing amazing stuff. So on the one hand I was very inspired by all the innovation going on and on the other hand I was appalled by the state of software in the industry, especially because I had seen software in other verticals and when I saw that space missions, they were state of the art in many technologies, but in software they were stuck decades in the past. I was amazed. I couldn't believe it. So that was kind of the driver for co founding Lean Space.
Dave Buettner
Tell me a little bit about what you've seen and maybe why are things the way they are?
Alvaro Alonso Ruiz
Well, the space industry is inherently risky, so a lot of decisions are made to minimize risks. Which makes sense, right? Especially because in the previous decades, space missions were done by engineers for engineers, if you know what I mean. All the missions were kind of R and D in a way. Every mission was a one off. They were reinventing the wheel over and over again. Everything was a custom implementation, there was massive redundancy being put in the spacecraft and also in the ground. And so they were trying to minimize risks all across. They were extremely expensive missions. They took forever. So when finally you launched that satellite, nothing could fail. And it made sense in the past. Right now it doesn't make sense anymore. You see, for example, very successful companies like SpaceX, they operate in a completely different manner. They actually run their business as a software business. They launch a lot of satellites and some of them fail, but most of them succeed. And they have very quick turnaround. They innovate constantly. It's like in software development, you work in sprints, you work with close feedback loops. You don't do waterfall approach, you do like agile approach. This is exactly the concept. And still in the space industry, while this kind of agile development methodologies have been around for like, I don't know, over 20 years, the space industry still operates waterfall. So you have missions that are defined at the outset, every single detailed requirement is carved in stone and only then you start development and then nothing can change. But of course things change, because when you have a mission that lasts for years, requirements will change. So then things start to change and then it's chaos all across. Because introducing changes in a waterfall process is very complex. So what space companies have not realized is that they cannot keep on running hardware businesses, because every company in the world is a software business. 
If you use software to deliver a service to your customers, if you use software to manage your paychecks, you use software to do your planning, to manage your emails, you are a software company, you just have assets that do things. But you run your business through software and you have to think as a software business. But in space, we are hardware focused and that's a limitation.
Dave Buettner
Yeah, that's the thing that I'm curious about. As I mentioned to you, before we started recording, I came from cybersecurity. So software is the world. That. And when I started doing this job, the differentiation I often heard was, well, that's bits, we're talking atoms, we're making physical things. We can't do that kind of thing here. Is that just a mental limitation? Is that just something. I mean, obviously they're different. I mean, I'm not saying they're not. But a lot of the pushback I've heard is, you know, we just can't do those things. It's just not possible in the physical space. Do you buy that? Is that, do you feel that that's not valid?
Alvaro Alonso Ruiz
Yeah, of course not. Yeah, yeah, of course. No, of course not. Like all them, all the industries across the world, they are digitalizing. I mean, this concept of digital transformation is a thing. And even very aging industries like banking, for example, they are undergoing this digital transformation because they have realized the risks of staying anchored in the past are worse than the risks of actually implementing and introducing new technologies into their businesses. I think the problem in space is the mindset. Everyone says space is hard.
Maria Vermazes
It is.
Alvaro Alonso Ruiz
Or are we making it hard because something is? Yes, some things, no. For example, today I know of a constellation of Earth observation satellites which is operated using Windows 95. Not kidding. Not kidding. So can you imagine, I mean, you have a background in cybersecurity. Can you imagine the risks these people are taking? It's insane. And when you talk to them and you say, hey, why don't you use... You can migrate your control center into a cloud-native, cyber secure infrastructure, resilient. And they say, no, no, that's risky. And you're like, really? You're operating a system that is not maintained since 20 years. It's really frustrating. A few weeks ago, I was speaking at an event, I was on stage and it was a panel on artificial intelligence of AI.
Dave Buettner
Of course, everyone talks about AI.
Alvaro Alonso Ruiz
And it was the third time I was on stage talking about how can we leverage AI in the space industry? And it was extremely frustrating because how can we leverage AI if we are using technologies from the 70s when we're using disconnected systems that don't talk to each other, when operators are sending commands manually, literally typing the commands and sending them manually to spacecraft, you cannot use AI. We've missed a technological step. So first you need an infrastructure that connects everything together so you have all your data harmonized, standardized, usable, so that with this data you can actually train your AI models. Then after the outset of the AI algorithms, you need actionable insights that you can actually action. So you need a place where you bring it back, you bring back this output and you can do something with it. So you need this infrastructure that enables you to connect data in and out and this doesn't exist in the space industry. Very, very few companies have something like this. They all have distinct systems, different technologies, incompatible. It doesn't work. So that was actually the trigger of me starting to be more vocal about the inherent limitations we see in the space industry. No one is doing anything about it. So I'm trying to step up and change things.
Dave Buettner
I think for folks who are outside of the space ecosystem, there is that general assumption that, well, space is either really, really behind or really, really advanced, one or the other, or both at the same time. But I don't know if there's that pipeline of talent going to the space industry from the software side. That's a whole other conversation. But I'm so curious about, as you said, that it's a mindset issue how we go about shifting that. I think there's so much to be explored there.
Alvaro Alonso Ruiz
Let me answer first to a comment you just made. Sure have software talent entering the space industry. Because this is a question that was asked in this last AI panel and the question is that this is part of the problem because the space industry is plagued by aerospace engineers, not by software developers. So when a software developer joins the industry and instead of working in APIs or microservices or AI, they have to maintain code written in Fortran in the 70s. I'm not kidding. This is the case.
Dave Buettner
I know. I believe it. It's a nightmare for a developer though.
Alvaro Alonso Ruiz
Yeah, we don't have good software talent entering the industry. All the companies we work with, the people writing the ground software, are typically aerospace engineers. They don't know how to code and they are typically reusing libraries and things from way back because they're proven, they're validated open source. There's so many open source tools in the industry that people use. There's a huge risk. You open source libraries, some of them are right, some of them they're not because they might have a bug that someone introduced during the 90s and no one is maintaining this. No one knows and no one will know.
Dave Buettner
It's a huge technical debt. Yeah, technical debt is a huge problem. Yeah, I was going to say I'm imagining a software engineer looking for a really exciting job and the prospect of going, facing what you just mentioned, they have a lot of options. I'm not sure they'd want to take that on. I don't know how one fixes that. But anyway, I wanted to hear your thoughts. What do we do? It's not about me, it's about you.
Alvaro Alonso Ruiz
The first thing we have to do is educate the market. And that's what I'm trying to do. Because I mean, the problem is that it's lack of knowledge. There's a lack of knowledge that actually modern software technologies reduce risk, they reduce costs, they reduce delays. There's a massive advantage that people need to understand. That's the first thing changing the minds. The second thing is that we need phased transitions because we cannot just like disconnect a control center, flying satellites and connect another one. It doesn't work. So we need a middleware layer that connects legacy systems with cloud based applications, kind of an integration platform. And that's what we're doing. At Lean Space, for example, we have an integration platform that can connect to all the hardware, all the different legacy software systems, and you can build applications with all this data that has been centralized. It also enables to break down monolithic architectures into microservices. And then the third thing I would say is most of the systems in the space industry are based on premise because the cloud is like, oh, cloud sounds dangerous or insecure or public. It's like security of my data. But actually a lot of times cloud providers have much better security than you have in your own basement. And some missions, of course they need to be air gapped because of obvious reasons, but some don't need to do, don't need to be. So I think adopting hybrid cloud approaches and gradually migrate functionality as we are comfortable with or as the mission requires makes sense. So I think that's how I would take it. And there are technologies out there that enable this transition. But the first step is actually willing to do so.
Maria Vermazes
Be sure to check out the T-Minus Space Daily podcast wherever you get your favorite podcasts.
And finally, our device inventory desk tells us that the Princess Alexandra Hospital in the UK recently discovered that PlayStations, coffee machines and even passing electric cars were connecting to its network. Deputy Director of ICT Jeffrey Wood admitted "our attack surface was bigger than we thought" after finding between 5 and 10,000 unknown devices lurking in their system. This alarming revelation came during a trial of a cyber exposure platform, part of a broader tech modernization effort. With no dedicated cybersecurity team, the hospital's infrastructure staff handles security, integrating automated tools, XDR and AI-driven protections. Network segmentation has even freed the marketing team to use Apple devices, which were previously banned. However, Zero Trust security remains a distant dream.
Deputy Director Wood says the hospital is embracing a "one NHS" partnership model rather than siloed vendor relationships, but warns, "This isn't just cyber risk, this is risk. Attacks could harm our patients."
There's nothing like a cybersecurity audit to find out your MRI machine shares a network with somebody's PS5.
And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here.
CyberWire Daily – Episode: FCC Draws the Line on Chinese Tech Threats
Release Date: March 13, 2025
Host/Author: N2K Networks
In this episode of CyberWire Daily, host Dave Buettner presents a comprehensive overview of the latest developments in the cybersecurity landscape. The episode delves into the Federal Communications Commission's (FCC) initiatives to counter Chinese cyber threats, ongoing challenges within the Cybersecurity and Infrastructure Security Agency (CISA), notable cyberattacks, and touches on broader industry issues such as vulnerabilities in widely-used software and emerging spyware threats. Additionally, the episode features an insightful interview with Alvaro Alonso Ruiz, co-founder and Chief Commercial Officer (CCO) of LeanSpace, discussing the state of software in the space industry.
The episode opens with significant news about the FCC establishing a National Security Council aimed at countering Chinese cyber threats and maintaining U.S. leadership in critical technologies like AI, 5G, and quantum computing.
Notable Quote:
"The Council will focus on mitigating cyberattacks, espionage and reducing supply chain reliance on adversaries."
— Brendan Carr, FCC Chair [02:15]
This initiative aligns with broader U.S. efforts, such as the CIA's China Mission Center, aiming to curb Beijing's technological ambitions. In response, China's embassy has dismissed these concerns, advocating for a cooperative approach to U.S.-China relations.
The podcast highlights a critical perspective on CISA, presented by Eric Geller in Wired, arguing that the agency is in crisis due to mass layoffs and political pressures, particularly under President Donald Trump's administration.
Notable Quote:
"Employees fear political retaliation and the agency's acting director is accused of prioritizing Trump's agenda over national security."
— Eric Geller, Wired [05:42]
Experts warn that the decline of CISA could have dire repercussions for U.S. security and economic stability, with fears that the situation may worsen.
The episode details two significant cyber threats attributed to Chinese actors:
Volt Typhoon Attack:
Notable Quote:
"Volt Typhoon, linked to Chinese espionage, is known for persistent access and data exfiltration."
— CyberWire Report [08:30]
UNC3886 Campaign:
Notable Quote:
"These hackers bypassed Junos OS security by injecting malicious code into trusted processes."
— Mandiant Analysis [09:50]
Ukraine hosted its annual Kyiv International Cyber Resilience Forum, where European allies took the lead amid reduced U.S. participation.
Notable Quote:
"Ukraine formalized ties with the European Cybersecurity Competence Center, signaling closer European cooperation."
— CyberWire Report [11:15]
Facebook disclosed a critical flaw in FreeType, an open-source font rendering library used across Linux, Android, game engines, and various GUI frameworks.
Notable Quote:
"While FreeType patched the bug in February of 2023, older versions remain at risk."
— CyberWire Report [12:40]
North Korean threat group APT37, also known as ScarCruft, has deployed KoSpy, an Android spyware that infiltrated the Google Play Store and APKPure through malicious apps disguised as file managers and security tools.
Notable Quote:
"KoSpy evades detection by using Firebase Firestore and encrypted C2 communications."
— CyberWire Report [13:20]
Guest: Alvaro Alonso Ruiz, Co-Founder and CCO of LeanSpace
Interviewer: Maria Vermazes, Host of T Minus Space Daily
Timestamp: [14:07] – [25:27]
In this in-depth interview, Alvaro Alonso Ruiz discusses the critical state of software development within the space industry. Despite advancements in hardware and mission-critical technologies, the software side is languishing, often relying on outdated systems and methodologies.
Key Insights:
Stagnant Software Practices:
Notable Quote:
"There's this new space movement, a lot of new companies spawning, doing amazing stuff. But when I saw that space missions were state of the art in many technologies, but in software they were stuck decades in the past."
— Alvaro Alonso Ruiz [14:07]
Risk-Averse Mindset:
Notable Quote:
"Every mission was a one off. They were trying to minimize risks all across. They were extremely expensive missions. They took forever."
— Alvaro Alonso Ruiz [16:00]
Need for Agile Methodologies:
Notable Quote:
"SpaceX operates in a completely different manner. They run their business as a software business. They launch a lot of satellites and have very quick turnaround. It's like in software development, you work in sprints."
— Alvaro Alonso Ruiz [17:00]
Integration and Modernization Strategies:
Notable Quote:
"We need phased transitions because we cannot just like disconnect a control center and connect another one. It doesn't work."
— Alvaro Alonso Ruiz [24:00]
Conclusion of Interview: Alvaro underscores the necessity for the space industry to embrace software modernization to keep pace with technological advancements and reduce vulnerabilities. LeanSpace is at the forefront of facilitating this transformation, aiming to bridge the gap between legacy systems and modern, secure software solutions.
The episode highlights a concerning revelation from the Princess Alexandra Hospital in the UK, which discovered thousands of unauthorized devices connected to its network.
Notable Quote:
"There's nothing like a cybersecurity audit to find out your MRI machine shares a network with somebody's PS5."
— Dave Buettner [22:10]
This episode of CyberWire Daily provides a thorough examination of current cybersecurity challenges, from governmental efforts to counteract foreign threats to internal struggles within key agencies like CISA. It underscores the persistent vulnerabilities in critical infrastructure and the urgent need for modernization, both in the space industry and healthcare systems. The insights shared by Alvaro Alonso Ruiz emphasize a broader industry trend towards integrating advanced software solutions to mitigate risks and enhance operational efficiency.
For more detailed information on these topics, listeners are encouraged to visit thecyberwire.com or subscribe to the CyberWire Daily podcast.