It seems an age away when we\u2019d have to refer to a printed map to find our ways around a new city or find the best hiking trails. Today, most of us just open Google Maps on our phones to find our exact locations, thanks to GPS satellites orbiting 20,200 km above our heads. Only a few years ago, getting online on an airplane was unheard of. Now we can browse away on a transatlantic flight thanks to communications satellites some 35 thousand kilometers away.<\/p>\n
Most of us take space technology for granted everyday of our lives. With satellites supporting global communications \u2013 not to mention a raft of everyday economic, government and military functions \u2013 it shouldn\u2019t come as a surprise that it\u2019s also a potential target for cybercriminals. As the internet itself extends to the final frontier, potentially as far as human colonies on Mars<\/a> in the not-so-distant future, it\u2019s time to explore the wider implications of cybersecurity in the space age.<\/p>\n Our overwhelming reliance on space technology puts us in a precarious position. In industries like transport and logistics, location data is routinely recorded in real time from GPS satellites and sent to back offices to allow teams to track drivers and assets. Organizations which have remote outposts or ocean-going ships can\u2019t exactly get online via a mobile or cable network, so they have to use communications satellites instead. On top of that, satellites store sensitive information they collect themselves, which might include images of sensitive military installations or critical infrastructure. All these things are attractive targets to various types of cybercriminal.<\/p>\n Increasingly, data is transmitted via, and stored on, orbiting satellites. The continued proliferation of space exploration will only increase the reach of our connected environment. Given the high value of data stored on satellites and other space systems, they\u2019re potentially attractive targets for cybercriminals. Although residing in the vacuum of deep space makes them less vulnerable to physical attacks, space-based systems are still ultimately controlled from computers on the ground. That means they can be infected just like any other system<\/a>.<\/p>\n Attackers don\u2019t even need to be expert hackers from space-faring nations. And neither do they need direct, physical access to control systems belonging to organizations like NASA, ESA or Roscosmos. While navigational satellite systems like GPS (US), GLONASS (Russia) and Beidou (China) might not be the easiest targets to hack, there are dozens of other satellite owners of global communications. On top of that, thousands more companies rent bandwidth from satellite owners for selling services like satellite TV, phone and internet. Then there are hundreds of millions of businesses and individuals around the world which use them. In other words, it\u2019s a pretty large potential attack surface which is connected directly to the internet.<\/p>\n According to Will Roper of the US Air Force, we\u2019re still relying on cybersecurity procedures from the \u201990s<\/a> to protect orbital satellites. That\u2019s because space-based systems are typically built in a closed-box environment \u2013 or (excuse the pun) in a vacuum. The problem is today almost every system has software in it \u2013 the International Space Station runs on Linux, and the Mars Curiosity Rover runs the highly specialized VxWorks on its onboard computers. The problem with any kind of software is that it can have bugs, which cybercriminals could try to exploit. Imagine, for example, the sort of ransoms cybercriminals might get away with demanding if they took over a $400-million satellite. To demonstrate the risk, as well as raise awareness to their bug bounty program, the US Air Force recently challenged hackers to try to hijack an orbiting satellite<\/a>.<\/p>\n Like many technologies we\u2019ve come to rely on, space systems are largely the result of national security objectives and military advancement. The space race itself was a competition between the United States and the Soviet Union. Fortunately, nations came together to ban weapons of mass destruction from space and promote the peaceful use of the final frontier. Unfortunately, the world\u2019s biggest powers aren\u2019t doing a good job of keeping space a peaceful environment for all, and have started putting pressure on each other by testing controversial new capabilities.<\/p>\n Indeed, reconnaissance satellites have been deployed in space ever since the 1950s, and all the world\u2019s superpowers now depend on them for making strategic military decisions. Whether it\u2019s for detecting missile launches or intercepting stray radio waves, these machines routinely handle some of the most sensitive data of all \u2013 the sort that could cause a war were it to end up in the wrong hands. Naturally, this heightens the incentives for state-sponsored attackers to hack their rivals in the same way that the commercialization of space makes communications satellites attractive targets to cybercriminals.<\/p>\n State-sponsored attacks targeting space assets could manifest in various ways: GPS signal jamming could render missile guidance systems useless. Gaining access to unencrypted satellite links could allow hackers to hijack satellite communications<\/a>. Civilian and military operations alike could also be impacted directly if the US were to shut off GPS, which is owned entirely by the US government but used all over the world.<\/p>\n The biggest challenge facing space-age cybersecurity is the fact that so few organizations, all of which are enormously dependent on funding from a handful of governments, ultimately have control over space-based assets. Almost all of the world\u2019s launch facilities are owned and operated by the governments of US, Russia, China, Japan and South Korea. Further down the hierarchy, there are dozens more companies which own satellites, and many companies which own data-bearing systems on the Earth\u2019s surface.<\/p>\n This paints a rather poor picture for data democratization \u2013 end users\u2019 access to digital information. With the power to grant access to and manage digital assets in space being in the hands of so few, the risk of attack is lower, but such systems are also high-value targets for state-sponsored attackers.<\/p>\nTo boldly go where no hacker has gone before<\/h2>\n
The role of cyberespionage and the militarization of space<\/h2>\n
What are the challenges facing digital security in the space age?<\/h2>\n