The Space Industry Faces New CyberSpace Risks

While awareness about cyber threats has increased in recent years, the occurrence of cyber attacks to satellites tend to be either downplayed, unmonitored, or reported as common incidents.

cyberspace

Photo: Alan Uster / Shutterstock

The rapid growth in satellite applications is creating new threat vectors for the space industry. As a large number of interconnected services start relying extensively on space communications, disruptions or attacks to these services could have disastrous consequences.

According to a report by IOActive, a forensic security analysis of chips and circuit boards inside SATCOM terminals, revealed multiple points vulnerable to hackers. The report further informed us that malicious actors could use reverse engineering to abuse all devices, and the vulnerabilities could allow attacks to block or manipulate communications, and in some cases, take remote control of the physical device.

Reverse engineering is just a single type of cyberspace risk that can damage satellite and other space communications; here are additional principle threats the space industry is vulnerable to:

Eavesdropping

Eavesdropping is a technique that enables hackers to access transmitted data. Even though most satellite communications are encrypted, there are several guides describing how to intercept satellite transmissions.

A popular example is the Russian-developed SkyGrabber software, which was sold for $26. Hackers in Afghanistan and Iraq utilized it to capture video feeds (unencrypted) of the UAVs (unmanned aerial vehicles). It also disclosed locations under military surveillance and the patterns followed by drones.

GPS systems

Exploitation of vulnerabilities in GPS systems is a classic example of space satellite attacks. Volpe Report’s document describes the threats to GPS systems, revealing the principle threat vectors for the widely deployed technology.

The most catastrophic threat is GPS Spoofing – this is a hacking technique in which the GPS receiver is fooled into tracking GPS signals from a counterfeit device. GPS signals create false signals to trick receivers into thinking they are coming from a different location; this form of hacking is difficult to detect and can be used to hijack space vessels.

Jamming

Jamming is a satellite hacking technique that involves the attacker overpowering or flooding a receiver, a transmitter, or a signal, interfering with original transmission. Interference is the primary cause of degradation and impairment of satellite services.

Hackers, through a directed antenna, cause the interference, taking the form of a signal, having enough power to override the legitimate transmitted signal. Satellite jamming is often used to cause impairment of communication required for media censorship purpose.

Iraq acquired jamming equipment during Operation Iraqi Freedom last year, allegedly from Aviaconversiya Ltd., a Russian company. Six jamming stations at different locations were discovered and destroyed. Satellite jamming can be used to cause disruption in both military and business-level devices through interference in space transmission signals.

Implications of the risks

These risks create challenges as the space industry has to contend with new threat vectors, but currently possess limited historical data on the severity and nature of the threats. The attacks are difficult to identify in the wild, so there are no standard measures to prevent them, nor standard patches available to protect against them. If the space systems are vulnerable to such exploits and comes in contact with one, there’s very little the space industry can do itself to defend against them.

As a result, it is a leap to the unknown space where business, political, strategic and criminal interests could come into play. To safeguard against these threats, the industry needs to look at new risk transfer solutions that specialize in addressing gaps in existing security covers. A single industry-wide solution is likely to be unsustainable or unrealistic due to the variety and multiplicity of exposures.

What the industry really needs is cyber intelligence services equipped to deal with these exposures due to their experience and their industry knowledge of dealing with risks of a similar nature, and providing tailored solutions.

Additionally, governments and lobbyists need to define international standards on the definition of harmful activity to prevent aggressive attacks in outer space. It is important to take this action in an international law framework that is expanded on a global scale.

Also, it is fundamental to develop necessary technologies to improve satellite infrastructure security, focus on mitigation and prevention of threats. The private sector and government needs to step up quickly enough to improve communication about emerging threats and prevent hacking catastrophes.