Space: The Last Bastion Against Cyberattacks

Space: The Last Bastion Against Cyberattacks

This week, a large lunar settlement experienced a distributed denial-of-service (DDoS) assault that rendered all electronic door locks inoperable, trapping scores of people inside and keeping many more out in the bitter cold. The threat actor behind the attack is said to have taken control of a number of decades-old CubeSats last year in an attempt to use them to set off a series of possibly catastrophic satellite collisions.

Naturally, neither "incident" has actually occurred. Still. However, it's possible that they will happen at some point in the not-too-distant future, so it's best to start making plans and thinking about them now.

That's the conclusion drawn from a recent study on outer space cyberattacks by academics at California Polytechnic State University (Cal Poly), which was supported by the US National Science Foundation (NSF). The 95-page paper looks at a number of factors that might lead to a new frontier in cyberattacks over the course of the next few decades as nations and the private sector compete for control and influence in space.

Space Cybersecurity Taxonomy

Primarily, the paper provides a taxonomy on space cybersecurity, which can be utilized by researchers to generate millions of new cyberattack scenarios involving launch and ground infrastructure, satellites, space stations, satellite phones and terminals, and ground-to-space communications links.

The authors offer 42 examples of how researchers might utilize the taxonomy to imagine all the many ways that cyberattacks could transpire in space, two of which are the hypothetical lunar door lock attack and CubeSat swarm takeover. Other instances include the introduction of fictitious information about alien life into a deep space expedition in order to cause an unwarranted, expensive, and time-consuming reaction; or the infiltration of vital food supplies into an out-of-world camp by cyberattacks on the systems in charge of such supplies.

"Imagining Cyberattacks to Anticipate Risks Unique to Space" is the acronym for the taxonomy matrix that is used to show the taxonomy itself. The matrix enumerates all the key elements of a cyberattack and arranges them according to the attack vector, kind of exploit, possible motivations of threat actors, targets, and different space capabilities that an assault could jeopardize. The researchers claim that by choosing a variable from two or more of these categories, they may generate over 4 million unique scenarios for cyberattacks in space.

The report's principal author and head of Cal Poly's Ethics + Emerging Sciences Group, Patrick Lin, believes there are multiple reasons to believe that cyberattacks would predominate in space combat.

However, Lin notes that most conversations about cyber dangers in space, at least the ones that aren't classified, seldom go beyond a few commonplace scenarios like satellite hacking or jamming, signal spoofing, or turning off GPS connectivity.

This is partially due to the fact that all cyberattacks on space targets that have been documented to date have only included one of these elements. The most recent instance is the Russian strike on the American communications provider Viasat in February 2022, which caused tens of thousands of clients around Europe to lose satellite access. The other is the riskier tendency of ignoring or failing to account for all the new attack surfaces that are emerging as government and commercial entities race to launch a plethora of new technology in space, ranging from enormous spacecraft to tiny CubeSats for scientific study.

An Inability to Contemplate Space Attacks

"Since failing to imagine a full range of threats can be disastrous for any security planning, we need more than the usual scenarioAmong these include the distance from Earth, the complexity of technology, and the recent increased congestion of space caused by countries and commercial enterprises vying to implement space technologies.

As the research points out, after stabilizing at about 150 new objects annually between 1965 and 2012, the number of recorded objects in space, the majority of which are satellites, has been rising at an astounding rate recently. Over the past two years, the average annual number of new items has been 2,600.s that are typically considered in space-cybersecurity discussions," adds Lin. "Our ICARUS matrix fills that 'imagineering' gap."

Lin, along with the report's other authors, Keith Abney, Bruce DeBruhl, Kira Abercromby, Henry Danielson, and Ryan Jenkins, highlighted a number of elements that would raise the risk of cyberattacks associated to space travel in the next years and decades.

It is also more difficult for stakeholders, both public and commercial, to address vulnerabilities in space technology because of the distance and immensity of space. Many of the devices that potentially be targets of cyberattacks were sent into orbit long before cybersecurity became a common concern.

"And, as crazy as it sounds, satellites are still being launched today with no cybersecurity, such as CubeSats that are popular with university labs and others for their inexpensive cost to build and launch," the research stated. "They typically have neither the onboard room to squeeze in cybersecurity components nor the budget for it anyway."

Space Junk, Complexity of Technology, and More

The expanding complexity of space systems, many of which are still prototypes when they are deployed, and the comparatively low efforts to comprehend or investigate cyber-exploitable flaws in them exacerbate the issue. The public is generally unaware of possible cyber risks associated with space technology and the space supply chain as a whole. This can be due to a variety of factors, including technological novelty, security classification concerns, or manufacturer refusal to provide information.

It's interesting to note that stakeholders' self-interest in preventing their contributions to the expanding space debris problem may, paradoxically, drive enemies to forgo direct combat in space and instead settle scores through cyberspace. According to the paper, there are already about 35,000 trackable space trash pieces and over a million smaller fragments. Nobody really wants to add to that number by colliding or blowing up other space objects.

Lin and his associates also noted that future enemy interest may be sparked by ambiguous legal frameworks, the possibility for increased visibility, and the effects of cyberattacks on space assets.

"Assessing capabilities in cybersecurity is never easy, and it’s even worse for the space domain because of the inherent national-security concerns that may classify much of that information," adds Lin. "Space cybersecurity is shrouded in mystery from the start, which isn't surprising since space launches started as military missions."

However, he claims that security by obscurity won't be an option for very long. He cites multiple teams that successfully broke into a 3U CubeSat during DEFCON last year as evidence that researchers have already started searching for weaknesses in space technology. "Cybersecurity is benefitted when more researchers can focus on a problem, but the classification of technical details and the lack of general awareness about space cybersecurity are preventing more cybersecurity practitioners from engaging with the problem here."

Space cybersecurity experts, both technically and in terms of policy, are among the report's primary audiences, according to Lin: "Even if they understand the drivers of the problem — and it's critical to understand a problem in order to solve it — security planners can always use help in anticipating novel threats."

Second, according to Lin, the study also aims to increase awareness of the issue among scholars from other fields, particularly non-technical ones like the humanities and social sciences. Thirdly, "we also want to raise awareness with the broader public because we're all stakeholders here by virtue of being possible victims," he states.