Cyber Security in Space: Securing the Critical Infrastructure of Satellites

Introduction

As cyber attacks have become more prevalent, attacks have not only become more frequent, but are targeting a range of systems that have weak security controls. Now, attacks not only occur on business systems, but on process control and manufacturing systems. As systems become tightly interconnected, it opens up opportunities for attackers to target these critical systems. Cyber attacks are occurring across a wide range of critical infrastructure, so let's take a look at some of the less considered, but no less important, cyber attack targets.

It’s surprising how little security exists in some situations. For example, in some coastal regions, internet cables literally appear on the beach, coming out of the sea and connecting to land installations [1, 2].

These cables, which carry vast amounts of data across the globe [3], are often exposed in such locations, making them vulnerable to physical damage. Any accidental or malicious activity could potentially interfere with these cables, disrupting internet connectivity not just for the immediate area, but for entire regions that depend on this connection. These cables also lie across the bottom of the sea [4] begging the questions: 'who is monitoring them?' or 'could someone tap into and capture data from them (or “listen” to them)?' This vulnerability highlights the need for enhanced security measures and protection for these critical infrastructure points to prevent potentially devastating disruptions to global communications.

That piqued my interest on what other areas of critical infrastructure may be exposed, and more complex than merely exposed cables. Enter satellites!

Space: The Vulnerable Frontier

Satellites are essential to global infrastructure, powering everything from communication networks to GPS systems. However, recent findings by German researchers have revealed alarming security flaws in satellite systems, such as unprotected communication interfaces and the use of outdated software, which may be vulnerable to buffer overflow attacks [5, 8].

Legacy Systems and Software

Satellites are vulnerable for several reasons, primarily due to the way they are designed, operated, and maintained. Many satellites were designed and built years or even decades ago. At the time, the focus was on ensuring that these systems were functional, reliable, and able to withstand the harsh conditions of space. As a result, they often use older software and programming languages, that may have been cutting-edge at the time, but are now outdated. These legacy systems are more likely to contain known vulnerabilities, which modern attackers can exploit. Additionally, the process of updating satellite software is complex and risky, leading to many systems operating on outdated code for extended periods.

Functionality over Security

The primary objective in satellite design has traditionally been functionality — ensuring the satellite can perform its intended tasks such as communication, weather monitoring, or navigation. Security was often an afterthought, if thought of at all. One might assume that the physical isolation of satellites in space would naturally protect them from threats, however, as technology has advanced, this assumption has proven to be dangerously flawed. Modern cyber threats can target satellites through their communication links with ground stations, making security an essential consideration that was previously overlooked.

Long Lifespan

Satellites are designed to operate for many years, sometimes decades, without direct human intervention. Once launched, physical upgrades are nearly impossible, and software updates must be carefully planned and executed remotely. This means that any security flaws present at launch may persist for the satellite's entire operational life. Additionally, the long lifespan of satellites means they are often running on hardware and software that are significantly outdated by the end of their mission, further increasing their vulnerability to modern threats.

Insufficient Security Protocols

Many satellites lack basic security measures that are standard in terrestrial systems. For example, some satellites do not use encryption for their communication channels, making it easier for attackers to intercept and manipulate data. The absence of robust authentication mechanisms also means that unauthorised entities could potentially gain control of a satellite by sending malicious commands. These gaps in security protocols are partly due to the historical focus on functionality over security and the difficulty of implementing and testing complex security measures in space environments.

Rush to Deploy

The recent surge in commercial satellite launches has introduced new challenges. Many newer satellites, particularly those launched by private companies, are designed and deployed quickly to meet market demands. In this fast-paced environment, security considerations can be neglected or inadequately addressed, leading to an increasing number of vulnerable satellites in orbit. The sheer number of satellites being launched also means that even a small percentage of insecure systems can pose significant risks to global infrastructure.

These weaknesses pose significant risks. If compromised, satellites could be hijacked, leading to catastrophic outcomes like collision with other objects in space or disruption of critical services on Earth [6, 7]. The following are a few examples of potential consequences of a vulnerability exploit.

Potential Consequences

1. Hijacking and Collisions: One of the most immediate dangers is the potential for an attacker to take control of a satellite, redirecting its orbit or crashing it into other space objects. Such collisions could create dangerous debris fields, threatening other satellites and space missions [7, 8].
2. Disruption of Services: Satellites provide critical services like GPS, weather monitoring, and global communications. If compromised, these services could be disrupted, leading to widespread chaos, especially in sectors like transportation, military operations, and emergency services [7, 8].
3. Espionage and Data Theft: Unsecured satellites could be used for espionage, allowing attackers to intercept sensitive communications or gain access to classified data. This is particularly concerning for military and government satellites [5, 7, 8].

Enhancing Satellite Security

There is an urgent need for the satellite industry to adopt stronger cyber security measures. As space becomes increasingly commercialised, with hundreds of new satellites being launched, the risks associated with insecure systems will only grow. A few examples of areas for improvement include:

1. Implementing Encryption: Encryption should be a baseline requirement for all satellite communications. This would prevent unauthorised access to data and commands, safeguarding the integrity of satellite operations.
2. Regular Software Updates: The use of outdated software, especially with known vulnerabilities, must be addressed. Regular updates and patches should be implemented to close security gaps and protect against new threats.
3. Cyber Security Standards for Space: The space industry needs clear cyber security standards and best practices. Initiatives like the Institute of Electrical and Electronics Engineers (IEEE) Standards Association’s effort to introduce common practices are steps in the right direction [9, 10, 11, 5].

Conclusion

As satellites continue to play a critical role in our global infrastructure, ensuring their security is a top priority. Failure to address these vulnerabilities could have far-reaching consequences, not just in space but across the globe.

References

[1] Miller, G. (2015). Undersea internet cables are surprisingly vulnerable. WIRED. https://www.wired.com/2015/10/undersea-cable-maps/

[2] Anonymous. (2018). Winter storms leave Israel’s undersea internet, phone cables exposed. The Times of Israel. https://www.timesofisrael.com/winter-storms-leave-israels-undersea-internet-phone-cables-exposed/

[3] https://www.submarinecablemap.com/

[4] Burgess, M. (2022). The most vulnerable place on the Internet. WIRED. https://www.wired.com/story/submarine-internet-cables-egypt/

[5] Burgess, M. (2023). Satellites are rife with basic security flaws. WIRED. https://www.wired.com/story/satellites-basic-security-flaws/

[6] Kaczmarek, S. (2024). Cybersecurity for satellites is a growing challenge, as threats to space-based infrastructure grow. The Conversation. https://theconversation.com/cybersecurity-for-satellites-is-a-growing-challenge-as-threats-to-space-based-infrastructure-grow-223877

[7] Kallberg, J. (2012). Designer satellite collisions from covert cyber war. Strategic Studies Quarterly, 6(1), 124. Available at SSRN: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2131920

[8] Willbold, J., Schloegel, M., V?gele, M., Gerhardt, M., Holz, T., & Abbasi, A. (2023). Space Odyssey: An experimental software security analysis of satellites. In 2023 IEEE Symposium on Security and Privacy (SP) (pp. 1-19). IEEE. https://doi.org/10.1109/SP46215.2023.10351029

[9] IEEE Standards Association. (n.d.). IEEE P3349 - Standard for Space System Cybersecurity. IEEE. https://sagroups.ieee.org/3349/

[10] Falco, G. et al. (2022). An international technical standard for commercial space system cybersecurity: A call to action. In ASCEND 2022. American Institute of Aeronautics and Astronautics. https://doi.org/10.2514/6.2022-4302

[11] Anonymous. (2024). New cyber security framework developed. Australian Defence Magazine. https://www.australiandefence.com.au/defence/cyber-space/new-cyber-security-framework-developed