As space becomes the latest frontier for human dominance, satellites are becoming ever-important for life on Earth to function. There are currently 10,352 satellites orbiting the Earth of which 2317 were launched last year, according to the United Nations Office for Outer Space Affairs. But just like any other piece of complex technology, satellites can be hacked.
Last year, just before the Russian invasion of Ukraine, alleged Russian government hackers disabled communications in Ukraine by launching an attack on a US satellite company Viasat. The incident became one of the largest publicly known cyber-attacks to take place since Russia invaded Ukraine and highlighted that our precious space equipment was indeed hackable.[1]
While the cyber-attack on Viasat’s KA-SAT, targeted the satellite’s ground infrastructure and not the satellite itself, it still resulted in tens of thousands of people being cut off from the internet. The attack also had a knock-on effect, disrupting internet connections across Europe, from Poland to France.
Previous satellite hacks – It is not the first time satellites have been hacked. US military satellites have been subjected to hostile jamming attacks since at least 2006.
In 2007, independent rebels affiliated with the Tamil Tigers in Sri Lanka hacked into the communications channel of a US-made Intelsat satellite and used it to distribute propaganda via international television and radio broadcasts. Hackers have also taken control of Nasa’s Terra EOS Earth Observation system satellite multiple times for several minutes.
In 2014, hackers based in China successfully brought down US weather satellites for around 12 hours. Last year, hackers even hijacked a decommissioned satellite and used it to broadcast films. Clearly, the threat is very real and the stakes are high.
Hacking a satellite and its consequences - Hacking satellites is unlike hacking into typical IT systems because satellite networks traditionally use embedded software. Meaning, the code is built to run on only one, specially designed piece of hardware, rather than interchangeably on thousands of different kinds of devices in traditional IT systems. However, the new generation of satellites has links with ground stations, making them vulnerable to cybersecurity breaches.
One might not realize how dependent we are on satellites in space to support communications, agriculture, weather, military operations, supply chains, oil and financial markets. Life on Earth can very quickly come to a standstill if global satellite communication systems are disrupted.
Global space-related activities generated $447 billion in 2020, supporting everything from vehicle navigation to efficient farm management. Political tensions also drive the cybersecurity threat posed to satellites. For example, Elon Musk’s mega-constellations of satellites could be under risk of cyberattacks.
Last May, China expressed concern about the military threat posed by Musk’s Starlink constellation and highlighted the need for China to develop counter measures to destroy the satellites in case they threaten the country’s national security.
So, what’s being done to hacker-proof satellites? Since last year’s Viasat hack, the FBI issued an alert in March on threats to satellite communications. The US also approved bipartisan legislation in June that would direct the Cybersecurity and Infrastructure Security Agency (CISA) to assemble recommendations for defending commercial satellites.
In 2019, The Space Information Sharing and Analysis Center (Space-ISAC) was formed for the space sector to share threat data globally. Most recently, a watch centre where space industry officials worldwide can track cyber-attacks on satellites and other space systems is in the works. “Cybersecurity in space is going to become more of a thing. Maybe we think of hacking spacecraft as things of science fiction, but they’re not,” said the Chair of the UAE Space Agency, as reporting to a UK publication. “There are interference mechanisms that need to be treated the same way that you treat cybersecurity on any system to ensure that your communication protocols are secure and cannot be interfered with.”
With private companies such as SpaceX and Blue Orgin entering the space race, there are nearly 10351 satellites in orbit today, making their security a priority. “Both physical security and cyber security are things we’re paying close attention to,” the Blue Origin’s Senior Director for Emerging Markets recently said. “We are thinking about security from the way that we design our systems to the way we operate them and certainly are grateful for organizations on the government side that are taking care of all of us in space.” For the most part, it does look like it’s up to governments to keep space infrastructure safe.
Hack-A-Sat: One of the more novel solutions to hacker-proof satellites was introduced by the US Air Force (USAF) in 2020; an annual satellite hacking competition. ‘Hack-A-Sat’ is a competition for ethical hackers to find vulnerabilities in satellites before cyber villains get to it. The event is a real-time contest between teams of security researchers competing to prove their offensive and defensive hacking skills. The systems the hackers are trying to break will be safely on the ground. If you feel so inclined to compete at hacking a satellite, the qualification round for this year will take place the weekend of 1 April, yes April Fools. HAS3[2] The contest is open to all individuals, nationalities, ages, academic institutions, and business entities, according to its website.
“The same way that cybersecurity evolved on the internet and in other hardware, it’s going to eventually evolve in space,” said a researcher. Satellites are vital space infrastructure for systems on earth to run smoothly and hacking them is not just stuff of science fiction now. Ensuring their security will need to be on top of government agendas as humans venture further into space and political tensions can carry over beyond the earth.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www. redskyalliance. org/
- Website: https://www. wapacklabs. com/
- LinkedIn: https://www. linkedin. com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://www.msn.com/en-us/news/technology/cyber-attacks-in-space-how-safe-are-our-satellites/ar-AA16PvJf
Comments