{"id":43531,"date":"2022-02-03T09:32:08","date_gmt":"2022-02-03T14:32:08","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=43531"},"modified":"2022-02-03T09:32:08","modified_gmt":"2022-02-03T14:32:08","slug":"cybersecurity-in-outer-space","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/cybersecurity-in-outer-space\/43531\/","title":{"rendered":"Space hackers: myth vs. reality"},"content":{"rendered":"<p>It is common knowledge that fantasy authors love sending asteroids or pieces of the Moon careening toward Earth. But the film <a href=\"https:\/\/www.imdb.com\/title\/tt5834426\/\" target=\"_blank\" rel=\"nofollow noopener\"><em>Moonfall<\/em><\/a>, which is coming to a movie theater near you in February, focuses not on a natural disaster but on something that looks like an artificial, technology-based threat. And you may spot the name Kaspersky among the protection technologies used in this space thriller.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/ivIwdQBlS10?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>Don\u2019t worry\u00a0\u2014 we won\u2019t be giving away any movie spoilers here. We\u2019re more interested in exploring what a real-world space cyberthreat could involve. Fantasy authors grasped this long ago: in their work, someone often uses their home laptop to divert a missile or types in a single command that lets them hack a control center and wipe out an entire army of drones or at the last second they manage to crack the code for a docking airlock while shouting to their colleagues, \u201cOK, now we just need to go through 600 billion combinations!\u201d In another common story line, aliens in the form of radio signals penetrate the earthlings\u2019 space research equipment and from there go on to hijack the Internet and the people connected to it. Pretty impressive, huh?<\/p>\n<p>In reality, we aren\u2019t yet seeing large-scale, successful cyberattacks on space technology. However, sometimes suspicions are raised. Some conspiracy theorists have blamed hackers for the latest failed launches of Russian probes to Mars. There is a certain logic to this: after all, way back in 1971, the Soviet spacecraft Mars-3 made the first soft landing on Mars, and even deployed the first Mars rover. So you\u2019d think that things could only get better from there. But a quarter century later, in 1996, the Mars-96 spacecraft with four landers went up in flames shortly after launch. Another failure came in 2011, when Russia\u2019s Phobos-Grunt, which was carrying Yinghuo-1, the first Chinese probe headed for Mars, launched unsuccessfully and then met its demise.<\/p>\n<p>Of course, the official account of these accidents says nothing about hackers. But if you read <a href=\"https:\/\/lenta.ru\/articles\/2013\/01\/29\/laspace\/\" target=\"_blank\" rel=\"nofollow noopener\">this interview with the former Director General of Lavochkin Research and Production Association<\/a>, it is clearly stated that there were major problems with security and that the hardware of the Mars spacecrafts could easily have been sabotaged before launch.<\/p>\n<p>With stories like these in mind, a few years ago my colleagues and I held a space panel at a cybersecurity conference. On the whole, the presentations were interesting, but the space experts brought us back to Earth when it came to cyberattacks. They said that the traditional hacking schemes do not work with space control systems. In the classic approach, hackers buy a publicly available controller, download the firmware from the manufacturer, easily examine it on their own test bed and then attack the actual system by exploiting the vulnerabilities they find. But space technology is rather unique, so you need to spend years working on a given system before you know your way around it, and you won\u2019t be able to find a second one just like it for tests.<\/p>\n<p>That means that the main vulnerabilities are not \u201cout there\u201d but on Earth, the space system experts told us. They\u2019re not the stuff that thrillers are made of\u00a0\u2014 they\u2019d be better suited to comedy. For example, suppose you receive secret data from a satellite and need to transfer it to a customer. How would you do that? Through the run-of-the-mill Internet with all its leaks. If you don\u2019t want that, you can go old school: messengers carrying bulletproof briefcases.<\/p>\n<p>Here\u2019s another terrestrial story. In early September 2018, FBI agents evacuated the Sunspot Solar Observatory in New Mexico and shut it down for over a week. Were extraterrestrial beings behind this? After all, this is how Robert Charles Wilson\u2019s fantasy novel \u201cBlind Lake\u201d and Ond\u0159ej Neff\u2019s short story \u201cWhite Cane 7.62\u201d begin. But no, <a href=\"https:\/\/www.theregister.com\/2018\/09\/20\/sunspot_solar_observatory_fbi\/\" target=\"_blank\" rel=\"nofollow noopener\">there was a simpler explanation<\/a>: a janitor at the observatory was using the facility\u2019s Wi-Fi to download child pornography.<\/p>\n<p>But this doesn\u2019t mean that everything is fine with cybersecurity in space and that we should just relax and laugh at those silly space movies. In fact, a lot has changed in the last few years. In the new space systems, analog hardware with its one-of-a-kind technologies is giving way to increasingly standardized digital solutions by well-known manufacturers. This isn\u2019t surprising\u00a0\u2014 after all, it is IT giants who are purporting to be 21st-century space leaders.<\/p>\n<p>Exhibit A is SpaceX, backed by none other than Elon Musk, a founder of PayPal. Another company that is building spacecraft\u00a0\u2014 still suborbital for the time being\u00a0\u2014 is Blue Origin, which is the brainchild of Amazon founder Jeff Bezos. Then there was SpaceShipOne, which was funded by Paul Allen, who cofounded Microsoft with Bill Gates. SpaceShipOne later became Richard Branson\u2019s SpaceShipTwo. Google is also trying to keep up in the new space race through its Lunar XPRIZE moon rover competition. Lastly, Mark Zuckerberg, who needs no introduction, has teamed up with Yuri Milner\u00a0\u2014 the founder of Mail.ru and the DST Global venture capital fund\u00a0\u2014 to create the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Breakthrough_Starshot\" target=\"_blank\" rel=\"nofollow noopener\">Breakthrough Starshot<\/a> interstellar probe project. In the next decade, Starshot is slated for launch to the closest exoplanet to Earth, Proxima Centauri b.<\/p>\n<p>Obviously, transferring today\u2019s IT industry to space brings with it all of the IT industry\u2019s problems, from that unbearable Agile cult to hacker wars.<\/p>\n<p>This affects communication satellites first and foremost. For example, back in the aughts, the Brazilian mafia <a href=\"https:\/\/www.wired.com\/2009\/04\/fleetcom\/\" target=\"_blank\" rel=\"nofollow noopener\">came up with the idea of using US military satellites<\/a>. They figured out that to receive high-quality, free, anonymous communication all they had to do was assemble a relatively simple antenna.<\/p>\n<p>There is another feature that is especially valuable for cybercriminals: the physical inaccessibility of the satellites. Imagine a hacker group that controls botnets. To foil an attack by them, law enforcement agencies normally need to trace the address of the C&amp;C center and then go to the provider and seize the server in question. But how do you seize a server if it\u2019s physically located somewhere deep in the jungle and its address is flying in space? You\u2019re out of luck. This is why APT groups such as Turla successfully use <a href=\"https:\/\/securelist.com\/satellite-turla-apt-command-and-control-in-the-sky\/72081\/\" target=\"_blank\" rel=\"nofollow noopener\">hacked satellite links<\/a> for their activities.<\/p>\n<p>And it\u2019s entirely possible that the launch of the new low-orbiting satellite constellations <a href=\"https:\/\/en.wikipedia.org\/wiki\/OneWeb_satellite_constellation\" target=\"_blank\" rel=\"nofollow noopener\">OneWeb<\/a>, <a href=\"https:\/\/en.wikipedia.org\/wiki\/Starlink\" target=\"_blank\" rel=\"nofollow noopener\">Starlink<\/a> and <a href=\"https:\/\/ru.wikipedia.org\/wiki\/%D0%A1%D1%84%D0%B5%D1%80%D0%B0_(%D0%A4%D0%A6%D0%9F_%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D1%8F_%D0%BA%D0%BE%D1%81%D0%BC%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%85_%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D1%85_%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D0%B9)\" target=\"_blank\" rel=\"nofollow noopener\">Sfera<\/a> are helping hackers. Security experts are already detecting in these space projects <a href=\"https:\/\/theconversation.com\/hackers-could-shut-down-satellites-or-turn-them-into-weapons-130932\" target=\"_blank\" rel=\"nofollow noopener\">the very same problems<\/a> that the terrestrial IT industry has long been aware of. Manufacturers try to cut costs as much as possible, so to assemble and maintain large satellite constellations they use cheap, widely available components. A lot of those components aren\u2019t analyzed for vulnerabilities since that would mean spending more money. At the same time, attackers can easily find these components on Earth and identify the vulnerabilities that are necessary for attacks, or even deploy these vulnerabilities in advance. In addition, there are still no state standards on satellite cybersecurity.<\/p>\n<p>I\u2019d like to conclude by mentioning another scenario for people who usually say, \u201cThis has nothing to do with me. I don\u2019t have millions of dollars someone can steal or any servers that can be hacked.\u201d If you\u2019re one of those people, I suggest you watch the Russian fantasy film <a href=\"https:\/\/www.imdb.com\/title\/tt8060328\/\" target=\"_blank\" rel=\"nofollow noopener\"><em>Invasion<\/em><\/a>, which depicts a very realistic attack on ordinary people. Artificial intelligence from space that has taken over telecommunications begins calling all the humans, impersonating the voices of their bosses and relatives, and asking them to do certain things. The people agree and turn into an army of obedient zombies.<\/p>\n<p>Setting aside the alien origin of the hijacking, this attack has familiar components: modern methods used by phone scammers combined with a more detailed collection of personal data (yes, this already happens), voice simulation (<a href=\"https:\/\/www.kaspersky.com\/blog\/synthetic-voice-phone-fraud\/18034\/\" target=\"_blank\" rel=\"noopener nofollow\">this also already exists<\/a>), and attacks on satellites to hack telecom systems, which are also far from impossible, as you have surely understood by now.<\/p>\n<p>In short, don\u2019t sit back and assume that space hackers won\u2019t reach you. Finish your Galactic Crunch cereal and glass of Tang and then update your <a href=\"https:\/\/www.kaspersky.com\/advert\/security-cloud?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____ksc___\" target=\"_blank\" rel=\"noopener nofollow\">space antivirus<\/a>.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"earth-2050\">\n","protected":false},"excerpt":{"rendered":"<p>We explore what a real-world space cyberthreat could involve.<\/p>\n","protected":false},"author":2497,"featured_media":43532,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2684],"tags":[880,1134,1239,380,321],"class_list":{"0":"post-43531","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-special-projects","8":"tag-future","9":"tag-internet","10":"tag-satellites","11":"tag-space","12":"tag-technology"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/cybersecurity-in-outer-space\/43531\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/cybersecurity-in-outer-space\/23873\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/cybersecurity-in-outer-space\/19370\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/cybersecurity-in-outer-space\/9714\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/cybersecurity-in-outer-space\/26115\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/cybersecurity-in-outer-space\/24083\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/cybersecurity-in-outer-space\/23864\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/cybersecurity-in-outer-space\/26828\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/cybersecurity-in-outer-space\/26377\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/cybersecurity-in-outer-space\/32303\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/cybersecurity-in-outer-space\/10488\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/vulnerabilidade-spectre\/18917\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/cybersecurity-in-outer-space\/15771\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/cybersecurity-in-outer-space\/28074\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/cybersecurity-in-outer-space\/24804\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/cybersecurity-in-outer-space\/30219\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/cybersecurity-in-outer-space\/30008\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/space\/","name":"Space"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/43531","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2497"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=43531"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/43531\/revisions"}],"predecessor-version":[{"id":43534,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/43531\/revisions\/43534"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/43532"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=43531"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=43531"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=43531"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}