Indeed, the global space economy is predicted to grow from $630 billion in 2023 to $1.8 trillion by 2035, largely due to our increasing reliance on space solutions for many of the world’s most pressing business and societal challenges – along with everyday applications such as GPS, communications and weather forecasting.
However, with this enhanced connectivity and dependency on space – particularly for critical national infrastructure and national security – comes an increased risk of cyber-attack. Nation states and nefarious actors are increasingly targeting space networks in an effort to disrupt their adversaries without opening themselves up to clear attribution.
This presents two important and challenging questions. What’s the current state of play regarding the cyber threat landscape? And how can we ensure the resilience of space systems now and into the future?
A growing target
The priority being put on space by state actors and cyber-criminals has shifted in recent years as the space domain, becoming a core component of defence and national security apparatus, has introduced more commercial data sources to capitalise on the agility of space to augment traditional monolithic space-based capabilities.
Multiple nations including the UK, France and the US are investing heavily in space defence programmes to enhance their intelligence, surveillance, reconnaissance (ISR) and command and control (C2) capabilities – taking advantage of satellites in Low Earth Orbit (LEO) and Medium Earth Orbit (MEO).
In Australia, the focus has been on increasing active participation and contribution to both the operation and deployment of space capabilities. This includes the ongoing contribution to the US-led Joint Task Force-Space Defense Commercial Operations Cell (JCO) Space Domain Awareness (SDA) network, investing in growing sovereign capabilities such as the Fleet Space led ASCEND2LEO program, and introducing sovereign strategic communications over the Indian and Pacific Oceans through the JP9102 program.
This increasing use of space infrastructure, from a defence perspective, makes it an increasingly attractive target given the sensitivities of the data flowing through it and the opportunity to disrupt a nation’s military operations. Whether intercepting data for counter-intelligence, inserting corrupted data into systems as part of cyber espionage campaigns or removing control access to a nation’s satellites, exploiting any vulnerabilities across the space domain is now a high priority for state actors.
It’s therefore not surprising that the ongoing threat to peace and stability of the international community through interference with information and communications technology is acknowledged by the United Nations in the paper ‘Advancing Responsible State Behaviour in Cyberspace in the Context of International Security’, guided* by the use of 11 non-binding norms of behaviour. The norm relevant to space says member states “…should consider all relevant information, including the larger context of the event, the challenges of attribution in the ICT environment, and the nature and extent of the consequences”. This is relevant due to the nature of state actor interference in space leading to the attribution of cyber intrusions and a proportionate response, noting the possible far-reaching impacts and potential threats to civilian life.
Points of vulnerability
So, global space infrastructure is firmly in the cyber crosshairs, but what’s the level of vulnerability to attack? When we look at space from a cybersecurity perspective, we must consider the attack surface available for threat actors to exploit. This attack surface has expanded significantly in recent years, largely due to the growing number of satellite networks in operation (particularly driven by small, low cost LEO constellations and satellites), expansions to the associated ground infrastructure, and the increasing use of technologies such as ML/AI and data analytics.
What’s more, edge processing is becoming more prevalent. More satellite networks are able to process data at the edge (i.e. in-orbit) and it’s common for threat actors to leverage edge vulnerabilities in their hacking campaigns. This, combined with an enlarged space supply chain consisting of companies ranging from start-ups to multi-national enterprises – all provide more entry points for hackers to exploit.
Furthermore, the combined effects of large satellite constellations and COTS (commercial-off-the-shelf) components are increasingly complicating security at a time when attacks are accelerating in sophistication. The days of ‘security through obscurity’ are largely gone, with common cyber issues such as software backdoors, Denial of Service (DoS) attacks and social engineering all very real concerns in the space domain.
And the risk is made even more acute given how interconnected space is. An attack targeting one particular network or system can end up having a wide-ranging impact – known as a spill effect, whereby a targeted space cyber intrusion can have significant and unintentional consequences.
This was demonstrated by NotPetya in 2017 and its destructive impact across Ukraine and beyond, and the attack on Viasat in 2022. While the core objective of this more recent attack appears to have been to disrupt Ukraine’s military communications, the affected service area ultimately included Germany, Greece, Poland, Hungary and France – including residential broadband as well as industrial applications such as wind turbines in Germany.
Protecting space assets
This all brings us to the challenge of ensuring space security. With the Space 2.0 era upon us, we must acknowledge the shifting nature of the threat landscape and put cyber security at the forefront of our space strategies to support the sector’s future.
For example, we must continue to drive collaboration across the sector. Space consists of multiple sub-disciplines that require extraordinary levels of expertise to be successful. As such, getting the right system engineers and security experts working together to build more secure space systems by breaking down silos between government, industry and academia is vital.
We should also be prioritising a ‘resilience-in-depth’ approach by building systems that can withstand a breach at one level and effectively contain an attacker there. While this is a challenge given the multi-system and multi-stakeholder nature of space infrastructure, building systems that can contain the impact of a breach or vulnerability are worth considering.
Regulation will also have a key role to play. While this area is evolving, space system developers still face different regulations across firms and countries – making it difficult to ensure that components from all supply chain levels maintain the same quality of cyber security and protection. This is an issue we need to get ahead of through innovation and engagement, particularly cross-sector, to help drive standardised legislation across the international space community.
Ultimately, the cyber security of space isn’t much different than on Earth. The vulnerabilities and potential access points are similar – the only difference is that we’re applying it to objects and networks hundreds of miles above our heads. Of course this presents a challenge. But, given the speed and motivation of today’s threat actors, it’s one we must be prepared to tackle head on.
*UN Resolution 70/237 - Developments in the field of information and telecommunications in the context of international security adopted 23 Dec 2015
Stay up to date and hear about the latest thinking, trends and technologies from our team innovating in space for advantage on Earth by subscribing to our Space Insights, or get in touch with one of our experts today
BAE Systems Space
We have been working in this ‘Space’ for more than two decades. We have specialist technologies in waveforms, electronics, antenna and digital signal processing and analytics with 20 years in ground based signal processing for various space agencies.