By Chuck Brooks, President of Brooks Consulting International
Protecting the frontier of space systems is unquestionably a security priority for governments and industry. Due to our increasing reliance on space, and particularly satellites, for communications, security, intelligence and business, satellite and space cybersecurity is becoming increasingly important in this new digital era.
In recent years, there has been an increasing number of satellite launches. Currently, thousands of satellites are in low Earth orbit — a.k.a. LEO — where they are vulnerable to cyberattacks from both above and below. With the use of satellites to transport data across vast, worldwide distances, many communication networks are currently transitioning from terrestrial communications to cloud-based communications. Due to the dramatic reduction in launch costs, there are now more satellites in LEO than ever before. This has increased the number of potential targets for hackers to target, both in space and at control centers located on Earth.
It is anticipated that 25,000 satellites will be launched by 2030, handling more than 500,000 petabytes of data. This underscores the hazards to the economy and data security that come with this increased susceptibility. According to Sam Visner, tech fellow at Aerospace Corporation and the vice chair of the board of directors of the Space Information Sharing and Analysis Center, space systems are essential to almost every critical infrastructure you can think of, including finance, energy, oil and gas, transportation, healthcare and agriculture.
Countries are depending more and more on space as a mission-critical and developing frontier for information-sharing and surveillance. By keeping an eye on adversary threats and geopolitical moves, they also play a crucial role in national security. In fact, at the beginning of the Russian invasion of Ukraine, an alarming event occurred when an attack caused disruption to the Ukrainian satellite communications provider ViaSat. And this was not the only cyber attack targeted satellite incident in recent years.
The national security establishment has recognized that cyber threats are becoming a greater threat to satellites and communications networks. The U.S. Space Systems Command recently announced beta testing for cybersecurity guidelines regarding commercial satellites in response to those concerns. Because the space business is becoming more and more important to the global economy, the FBI, the National Counterintelligence and Security Center and the Air Force Office of Special Investigations recently released an advisory warning of cyberattacks on the sector.
In December 2023, in an effort to strengthen mission cybersecurity efforts for both public and private sector space activities, NASA has released the first version of its Space Security Best Practices Guide. The Space System Protection Standard, which encapsulates NASA’s ongoing commitment to assisting in the development of precise cybersecurity principles for its space systems, is reflected in the guide. In order to promote the objectives of Space Policy Directive 5, Cybersecurity Principles for Space Systems, the agency created the handbook.
A Space Systems Critical Infrastructure Working Group was established by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency last year. The group, which unites stakeholders in the space system’s critical infrastructure, is made up of representatives from government and business and functions under the auspices of the Critical Infrastructure Partnership Advisory Council.
I was privileged to be a member of that working group, and soon industry-focused recommendations and initiatives on cybersecurity for space systems will be made available. The role of the working group is especially important as networks are changing from terrestrial communications to the cloud, taking advantage of satellites to move data over large, international distances.