Lunar landing sites.

Lunar landing sites. NASA

Bringing GPS to the Moon Is the Next Frontier

The National Geospatial-Intelligence Agency is part of a government collaboration to bring precise navigation to the lunar surface.

ST. LOUIS—Could navigating around the Moon be as easy as loading your favorite GPS app? The Pentagon’s lead image-intelligence agency thinks so and is working to develop a lunar reference framework to guide future explorers around the Moon as safely and quickly as satellite-aided navigation does on Earth.

“Just as NGA’s predecessor agencies mapped the Moon ahead of the Apollo missions, today we’re working with NASA, the U.S. Geological Survey, the U.S. Space Force, and U.S. Space Command to develop the lunar geodetic system that will guide future visitors around the moon surface as accurately and as safely as GPS does on Earth,” said Vice Adm. Frank Whitworth, director of the National Geospatial-Intelligence Agency, during his keynote speech at GEOINT Symposium 2023.

NGA is also “developing AI/ML technologies to model the Earth’s gravitational field which can help us to fill in missing data where direct collection is difficult,” to bolster positioning, navigation and timing systems, Whitworth said.

The lunar framework is expected to be the first of many celestial body reference systems the agency will likely help shape in the future.

“Just about everyone who uses space realized we needed something that was an equivalent of WGS84 for our terrestrial kind of orientation. And it’s a big deal. And we’re not going to rush to failure on this one. We’re actually really taking the right amount of time, both with ourselves and academic and other communities to ensure that we do it right,” Whitworth told reporters.

The information doesn’t yet exist, but once it does, the goal is to have the lunar reference, like the one used for GPS, to be public—and not just for military or government use, said James Griffith, who leads NGA’s Source Operations and Management Directorate, noting that NGA is the lead defense agency, but is not in charge of developing the reference.

“The moon as a planetary object operates very differently than the Earth. We know the types of data we need to collect. But we don’t necessarily know how to collect it in that type of an environment because our tools aren’t building that,” Griffith said.

But despite the amount of exploratory work left to do, there’s huge potential.

“However we land on this,” Griffith said. “This is truly…breaking ground in science.”

David McKeown, DOD’s chief information and security officer, briefs reporters on the release of the DoD Zero Trust Strategy and Roadmap at the Pentagon on Nov. 22, 2022.

David McKeown, DOD’s chief information and security officer, briefs reporters on the release of the DoD Zero Trust Strategy and Roadmap at the Pentagon on Nov. 22, 2022. DOD / U.S. AIR FORCE TECH. SGT. JACK SANDERS

Pentagon Outlines Upcoming Contractor Cybersecurity Plan

Expect the congressionally mandated strategy by year’s end, DOD CISO says.

By November, Pentagon cybersecurity leaders aim to lay out just how private contractors will be expected to work with government agencies to safeguard data and ward off attacks.

“We are working on a strategy—a [defense industrial base] cybersecurity strategy—that we hope to have out later this year,” David McKeown, DOD’s chief information and security officer, said at GovExec’s Cyber Summit event Thursday. “Our strategy is bringing all of the pieces and parts within the department together…laying it out who’s going to be doing what, and we overlay everything on top of the NIST cybersecurity framework.”

Lawmakers requested the strategy as a step toward reducing the vulnerabilities created by doing sensitive business with hundreds of thousands of private contractors.

McKeown said the strategy would have several phases, starting with identifying what needs to be protected, then figuring out what measures are needed to protect data, detect intrusions, respond to attacks, and recover from them. For example, DOD’s pending cyber certification program, CMMC, will fall under the “protect” phase.

The strategy document is also meant to guide companies to government cybersecurity resources. These include the Defense Cyber Crime Center and the NSA’s Cybersecurity Collaboration Center, which share threat intelligence and offer free tools like protective DNS and email security.

“Right now, there’s a lot of different paths that people are interfacing with the department and getting services [from] department,” McKeown said. “We have things that we are doing to support industry and all of those things. We will also be rationalizing the tools that we provide. For instance, the protected DNS is super simple to adopt, easy to implement. You don’t have to be a rocket scientist at a small business to onboard that. We want to field some tools like that that are really good bang for the buck.”

To prevent data breaches caused by commercial vendors, including cloud service providers, McKeown said DOD is working to modify contract language to underline a contractor’s cybersecurity responsibilities.

For example, if a defense worker’s personally identifying information is compromised in a data breach due to company neglect, “they should have to pay for identity theft protection,” he said.

The Pentagon has also incorporated red-teaming to test the security of commercial cloud providers’ infrastructure on top of existing controls and assessments. But it’s not yet the status quo.

Red teams are a scarce resource. I would love for it to become the status quo. We have some other things that go on inside the department that are very effective like ‘Hack the Pentagon,’ white-hat hackers are allowed to look at stuff like that,” he said. “We’ll explore more and more ways of getting after this. We don’t have enough resources to continually red-team everything under our purview. But we do want to intelligently deploy the red teams where we may have concerns.”