Personal tools

Cybersecurity Threats in Space

LEO_ESA_010322A
[LEO - The European Space Agency]

 

- Why are Space Systems Vulnerable?

Much of the world’s critical infrastructure is heavily dependent on space, specifically space-based assets, for its daily functioning. Essential systems -- such as communications, air transport, maritime trade, financial services, weather monitoring and defense -- all rely heavily on space infrastructure, including satellites, ground stations and data links at the national, regional and international level. This dependence poses a serious, and yet frequently underrecognized, security dilemma -- especially cyber threats -- for critical infrastructure providers and policymakers alike. 

Like any other increasingly digitized critical infrastructure, satellites and other space-based assets are vulnerable to cyberattacks. Many space systems are old, created before cybersecurity became a top policy priority. They have vulnerabilities like hardcoded credentials -- used by ships, planes and the military — making access by sophisticated actors fairly easy.

These cyber vulnerabilities pose serious risks not just for space-based assets themselves but also for ground-based critical infrastructure. If not contained, these threats could interfere with global economic development and, by extension, international security. What's more, these concerns are no longer merely hypothetical. Within the past decade, more countries and private actors have acquired and employed counter-space capabilities in novel applications, which now pose a greater existential threat to critical space assets. 

 

- What are the Vulnerabilities?

Vulnerabilities to space systems and infrastructure vary across a range of potential attack surfaces. As the Aerospace Corporation explains in a recent paper, there are four main segments of space infrastructure that need to be hardened against cyber attack:

Spacecraft could be vulnerable to command intrusions (giving bad instructions to destroy or manipulate basic controls), payload control and denial of service (sending too much traffic to overload systems). Malware could be used to infect systems on the ground (like satellite control centers) and for users, and links between the two and spacecraft could be spoofed (disguising communication from an untrusted source as a trusted one) or suffer from replay (interrupting or delaying communication by malicious actors). 

 

 

[More to come ...]

 

 

Document Actions