Of all commercial industries that exist, space holds a unique position – particularly at a geopolitical level. As well as constituting an invaluable source of financial income, it also attracts multinational collaboration and remains fundamental to both national and international defence and security.
It is therefore no surprise that the space industry is so heavily congested and contested, accommodating a multitude of semi-autonomous actors and nation states vying to dominate access, influence and control.
While we mustn’t overlook the many international collaborative networks that operationalise the space domain and enhance our understanding of the universe, entrenched international competition leaves space operations – consisting of physical assets in orbit and Earth-based infrastructure – vulnerable to various kinetic and non-kinetic effects. These effects range from direct strikes from anti-satellite (ASAT) munitions to proximity operations, sabotage and subthreshold manipulation.
It's this subthreshold engagement – also known as ‘grey zone’ activity that causes disruption while falling below the threshold of a traditional act of war – that is particularly relevant when we consider the role of the Insider Threat (IT).
Recognising the threat
According to the UK’s National Protective Security Authority (NPSA), an ‘insider’ in the threat sense constitutes someone who uses their authorised access to or knowledge of an organisation’s resources to cause harm or loss to that organisation and its partners – either deliberately or accidentally through mistaken conduct/negligence. It is a type of tactical activity that can have significant adverse strategic effects, which is why it is recognised as a leading global security concern.
This is especially true in the current climate of geopolitical tension and uncertainty. Such times are typically accompanied by an uptick in small-scale covert actions (including insider threat activity), which offers adversaries an avenue to degrade governmental, industrial and/or academic institutions in a nuanced manner that isn’t easily attributable.
Bringing things back to the space industry specifically, it’s unsurprising that the risk of insider threat is acknowledged around the world as a national security priority. It is important to recognise the sensitivities and value of space assets to governments, commercial organisations and criminal entities. Highly classified and heavily secured assets − such as next generation dual-use space-based technologies − that are intended to be kept under the most stringent controls have been targeted by criminal organisations and adversarial nation states.
And we must remember that the main target isn’t always the insider’s immediate organisation. They may also be looking to disrupt or deny supply chains, or covertly access small-scale components that are fundamental to successful space-based operations − such as the circuitry that enables a satellite’s Telemetry Tracking and Command (TT&C) or propulsion systems.
Assuming they are able to remain undetected, an insider threat actor could conceal themselves within a core supply chain to conduct persistent sabotage activity that threatens the operational integrity of space-based assets, or leaves them vulnerable to manipulation by an unauthorised third party.
For example, by covertly working for a small private sector space contractor that is manufacturing a certain component as part of a larger defence tender, an individual might ultimately be able to obtain access to sensitive national security data through a larger partner’s systems and infrastructure.
While by no means easy to achieve, the risk is certainly present given how space technology has become essential to military operations and the functioning of critical national infrastructure – having the potential to put our national security and societal way of life at risk. It’s for this reason that counterintelligence protocols in the space industry should be afforded close attention.
Protecting against malicious insiders
When analysing potential insider threats to space assets, it is essential to adopt a holistic perspective that considers not only space-based assets, but also the ground station infrastructure that controls them. Equally important is the need to secure the data involved in the management of space assets – will always ensuring that robust personnel security measures align with the fast-paced evolution of technological progress.
More broadly, organisations must look across their supply chains, paying close attention to unclassified communications and data storage networks. These areas are where technology suppliers tend to conduct most of their day-to-day operations, so steps must be taken to fortify them against hostile intrusion.
Further complicating the matter of intra and inter-organisational communication is the vast array of satellites in orbit and their extensive lifecycles. Reliance upon long-established space technology introduces vulnerabilities through unpatched legacy components and calls into question the extent to which suppliers retain control over the software codes built into the multitude of essential technological components.
It is also pertinent to recognise the variance in cyber threat vetting and cyber security protocols that exists across the global supply chain matrix and between the private and public sectors. To facilitate a much-needed cross-domain supply chain cyber security framework, commercial space organisations must champion a culture of threat mitigation, while government agencies must promote the efficient dissemination of intelligence to suitably vetted non-governmental subject matter experts.
Ultimately, this isn’t a threat that shows any signs of disappearing. Indeed, the deepening geopolitical instability present in the world today will likely continue to promote the delivery of hostile subthreshold activities that fall short of conventional warfare – of which the insider threat is a major component.
And, with space technology playing an ever-growing role in defence and national security operations – not to mention sustained industry growth increasing competition between commercial entities and their respective governments – the space sector will remain a high-priority target. Adversaries will be looking to target the technical infrastructure underpinning essential space services and assets. It’s therefore up to us as a collective to recognise the dangers of insider threat and put the appropriate guardrails in place.