Emerging Risks to Space Systems: A Space Cyber Primer

06 Apr 2022 • Written by ovabor

Artemis Illustration

Emerging Risks to Space Systems: A Space Cyber Primers

Introduction

Emerging risks to space systems are a serious concern as the world becomes increasingly reliant on satellites for communication, navigation, and other critical functions. While the risk of cyber attacks against space systems has been recognized for some time, recent events have highlighted the need for increased vigilance in this area.

One recent example is the attack on Viasat’s satellite broadband service that was blamed on Russia’s military intelligence service (GRU). This incident involved hackers compromising and exploiting the system that manages customer terminals and then destroying data and equipment with a destructive wiper malware. The attack affected tens of thousands of terminals in Ukraine and across Europe, which were part of the KA-SAT network. While no damage was done to any satellites themselves, this attack highlights the potential vulnerability of these systems to cyber attacks.

In addition to cyber attacks, other emerging risks to space systems include:


Since the launch of Sputnik 1 in 1957, space capabilities have proliferated to dozens of countries due to decreasing costs and technological advancements. These capabilities are vital to many aspects of society, including communications, navigation, financial transactions, and weather monitoring. Military forces rely on satellites for communications, navigation, and intelligence; commercial firms use them to provide telecommunications, earth observation, television and radio broadcasting, weather forecasting, and other services; and civilians benefit from applications such as Global Positioning System (GPS) navigation for vehicles and cell phones to PNT signal for financial transactions.

Longstanding technological barriers to space are falling due to advances in satellite miniaturization and reusable launch vehicles. This is enabling more countries as well as commercial firms to participate in the construction of satellites and spacecrafts for space exploration, human spaceflight, and the launch of payloads into orbit on different types of launch vehicles. This increased competition is driving down the cost of access to space, making it possible for a wider range of entities to exploit its benefits.

At the same time that these advancements are creating new opportunities for collaboration in space exploration and exploitation, they have also given rise to new risks. For example: while the proliferation of capabilities has led to increased bilateral ooperation between nations as well as new opportunities for businesses through technology transfer licensing programs, some foreign governments are developing capabilities that threaten others’ ability to use outer space peacefully for legitimate purposes such as telecommunications, scientific research or earth observation to name a few.


Space Applications

There are many space applications that play a vital role in our day-to-day lives. These systems include, but are not limited to, the following:


Space Infrastructure

Spacecraft and satellites are often used interchangeably. However, there is a distinction between the two terms. A spacecraft is anything that leaves Earth’s atmosphere, while a satellite is something that orbits Earth, moon, or another celestial body.

Spacecraft can be divided into two categories: manned and unmanned. Manned spacecraft carry people into space, while unmanned spacecraft do not. Some common examples of manned spacecraft are the Space Shuttle and Soyuz capsule. Unmanned spacecraft include things like the Hubble Space Telescope and Mars rovers.

Satellites can also be divided into two categories: natural and human-made. Natural satellites are planets like Earth, Jupiter, Uranus, Saturn, Neptune and Mars that orbit around the sun. Human-made satellites are spacecraft that people put into orbit around the Earth. The first human-made satellite was called Sputnik 1 and it was launched by the Soviet Union on October 4th 1957. There are now thousands of human-made satellitese orbiting Earth that are used for communication, such as television or phone signals. Others are used for navigation, like GPS systems. Military forces use reconnaissance human-made satellite to spy on their enemies from space. Finally, some human-made satellites orbit the Earth to collect data about our planet’s climate or environment.

Launch vehicles are used to put payloads (astronauts, cargo, satellites, spacecrafts, probes, etc) into orbit around Earth or other planets/moons in our solar system. There are many different types of launch vehicles, but they can be broadly classified into two categories: expendable and reusable. Expendable launch vehicles are designed to be used only once and then discarded. They typically consist of a rocket engine mounted on a simple frame, with no means of returning to Earth. The most common expendable launch vehicle is the United States’ Atlas V, which has been used to send payloads into orbit more than 70 times since 2002. Reusable launch vehicles, on the other hand, are designed to be flown multiple times. They typically have wings or landing gear so that they can return safely to Earth after use. The most famous reusable launch vehicle is undoubtedly SpaceX’s Falcon 9 rocket, which has been used for dozens of launches since 2010 and has even landed back on Earth intact multiple times.


Spacecraft Phases and Operations Overview

Spacecraft and satellites are constantly under cyberattack during their life cycle. The most vulnerable times are during the launch and early operations period (LEOP) when they are being commissioned and brought online, and in the end-of-life phase when they are decommissioned. It is therefore important for spacecraft engineers to take into account cybersecurity threats and vulnerabilities when designing these systems.

The following are the life cycle phases of a typical spacecraft:


Space Architecture Segments

In order to understand the threats to space systems, it’s important to first understand the four different segments that make up a typical space architecture:

  1. Ground Segment - The ground segment refers to all infrastructure and facilities located at or near Earth’s surface that support satellite operations. These include command and control centers; tracking stations; data processing and storage facilities; launch pads and associated infrastructure (e.g., fueling systems); vehicle assembly buildings/hangars; antenna farms; roads and other transportation infrastructure linking these elements together.

  2. Link Segment - The link segment is composed of all physical links between two ground segments or a ground segment and a user terminal(s). Links may be optical fiber cables (fiber optic), microwave links using beamforming antennas, or satellite links using either geostationary satellites or low earth orbit (LEO) satellites for cross-link communications among multiple ground segments supporting one mission operation center.

  3. User Segment - The user segment consists of customers who purchase services provided by satellite operators. For example: Direct broadcast services for receiving television signals; telecommunications services including voice telephone service; broadband Internet access; government entities who use satellites for national security purposes such as imagery intelligence, early warning, communication relay, navigation assistance etc.

  4. Space Segment - The space segment comprises one or more operational spacecraft bus(es), payload(s) and associated subsystems including power generation and distribution equipment, thermal control hardware and software, propulsion system, attitude determination and control system making up the operational satellite system.


Threats to Space Systems

There are many types of threats to space systems, but the five that are most commonly cited are cyber threats, directed energy weapons, electronic warfare, kinetic energy threats, and orbital threats. Each of these threats could be a stand-alone essay, but we will only focus on the overarching idea that cyber threats pose a significant threat to space systems for the purpose of this essay.

  1. Cyber Threats - Cyber threats are a real and present danger to space systems. For example, an adversary could target satellites or ground infrastructure with a cyber attack in order to deny access or degrade the performance of those systems. Additionally, adversaries can use cyber capabilities to exploit vulnerabilities in space-based communications and data distribution networks, which could allow them to interfere with or even take control of these networks as is the case in Ukraine.

  2. Directed Energy Threats - Directed energy threats are the use of directed energy devices to disable or destroy space systems. These devices can range from lasers to high-power microwaves, and can have effects from temporary to permanent. One well-known example of a directed energy device in action is the 2006 incident in which a Chinese laser was used to temporarily disable several American satellites.

  3. Electronic Threats - Electronic threats are the use of electronic means to deceive, disrupt, or destroy space systems. This can include jamming and spoofing techniques to control the electromagnetic spectrum. For example, Europe’s aviation authority identified some areas near Russia, Ukraine and the Middle East, where GPS signals are getting jammed or spoofed during Russian military invasion of Ukraine. For context, uplink jamming is directed toward the satellite and impairs services for all users in the satellite reception area. Downlink jamming has a localized effect because it is directed at ground users, such as a military unit using satellite navigation to determine their location. Spoofing deceives the receiver by introducing a fake signal with erroneous information.

  4. Kinetic Energy Threats - Kinetic energy threats are the use of kinetic energy weapons that do not rely on explosive missiles to destroy satellites. Instead, it relies on pure speed and mass to cause damage to its target satellite via direct-ascent antisatellite (ASAT) missiles. For example, on January 11, 2007, China launched a ballistic missile with a kinetic kill vehicle (KKV) that collided with a non-operational Chinese weather satellite. Also, on November 15th 2021 Russia conducted a direct-ascent anti-satellite (ASAT) test to destroy one of its own electronic signals intelligence satellites that has been in orbit since 1982.

  5. Orbital Threats - Orbital threats are space-based systems that can deliver malicious effects against other spacecraft. These systems could include satellites, payloads such as kinetic kill vehicles, radio frequency jammers, lasers, chemical sprayers, high-power microwaves, and robotic mechanisms. For example, on February 10 2020, Gen. John “Jay” Raymond, the Space Force chief of space operations, revealed to Time magazine that a pair of Russian satellites came extremely close within 100 miles (160 kilometers) of a U.S spy satellite.


Defining Cyberthreats

Cyberthreats can be defined as any malicious act that is carried out through the use of a computer or network. This can include anything from stealing data to causing physical damage to systems. While there are many different types of cyber threats, they can generally be divided into two categories: attacks that target information and attacks that target infrastructure.

Attacks that target information are those that aim to steal, destroy, or manipulate data. These types of attacks can be very damaging, and often result in the loss of money or proprietary information. One common example of an attack targeting information is ransomware, which locks users out of their files until a ransom is paid.

Attacks targeting infrastructure are those that aim to disrupt or disable critical systems such as power grids or communication networks. These types of attacks can have serious consequences for both individuals and businesses alike. A well-known example of an attack targeting infrastructure is the Stuxnet virus, which was used to sabotage Iranian nuclear facilities.


Cyber Threats to Space Systems

Cyber threats to space systems are a significant concern for both military and commercial entities. Attacks can occur across multiple segments within the space architecture, from the ground to the link to the user and ground segment.

In its 2018 report, “Joint Publication 3-14A: The Joint Doctrine for Space Operations,” the U.S Department of Defense noted that “space is increasingly becoming a contested operational domain in which potential adversaries can use cyber capabilities to disrupt or destroy U.S. satellites and ground infrastructure.”

On February 24, 2022, Russia is believed to have hacked US satellite communications provider Viasat KA-SAT network terminals on the day of its invasion of Ukraine. This cyber attack not only affected Ukraine, but other surrounding regions in Europe too.

Some examples of cyber threats to space systems by National Air, Space, and Intelligence Center (NASIC) include:

Space Segment Link Segment Ground Segment User Segment
Command Intrusion Command Intrusion Hacking Spoofing
Payload Control Spoofing Hijacking Denial of Service
Denial of Service Replay Malware Malware

Cyberthreats to space systems are often underestimated and misunderstood. In terrestrial systems, data breaches, security breaches, and security incidents are often called hacking in the news. However, the same mistake should not be made when discussing different types of attacks on space systems. I strongly believe that electronic radio-frequency jamming, spoofing, and lasing should not be classified as hacking on space systems. The problem with these types of attacks getting tagged with hacking is that it doesn’t help explain the full-picture of what is going on. In space, it is hard to attribute all the different types of attacks that are not physical (for example cyberattacks can be difficult to distinguish from harshness of space environment or subsystem failures in the space segment). So it is better we are specific when we discuss attacks on space systems.


Cybersecurity Threat Agents and Levels of Sophistication

There are many different cybersecurity threats agents and each with their own potential motivations for why they would be interested in compromising space systems. They vary in terms of their technical sophistication. For example, state actors may be interested in compromising space systems in order to gain a military advantage, while criminal elements may seek financial gain. Terrorist groups could also attempt to damage or destroy space systems in order to promote their causes. Finally, individual hackers may attempt to compromise space systems for the bragging rights and notoriety that comes with such an achievement. The table below outlines different threats agents and their levels of sophistication by Aerospace Corp:

Tiers Name Skills Malice Motive Methods
I Script Kiddies Very low Low Boredom, thrill seeking Download and run hacking scripts known as “toolkits”
II Hackers for Hire Low Moderate Prestige, personal gain, thrill seeking Write scripts, engage in malicious acts, brag about exploits
III Small Hacker Teams: Non-State Actors OR Disorganized/State Actors Moderate Moderate Power, prestige, intellectual gain, respect Write scripts and automated tools
IV Insider Threats (e.g. disgruntled employees) Very low – Very high Very low – Very high Unwitting, ideology, politics, espionage Insider knowledge; Methods can range from inadvertent to sophisticated
V Large, Well-Organized Teams: Non-State OR State Actors High High Personal gain, greed, revenge Sophisticated attacks by criminals; “guns for hire” or organized crime
VI Highly-Capable State Actors Very high Very high Ideology, politics, espionage State sponsored cyberattacks against enemy nations
VII Most Capable State Actors Very high Very high Ideology, politics, espionage State sponsored cyberattacks against enemy nations

Case Study: How to Hack Communication Satellites

In this case study, we will look at how to hack communication satellites with relative ease.

Goal: Take full control of a communication satellite and redirect its path.

How: Exploit vulnerabilities in the hardware and software components of the communication satellite.

Tools:


Code

$ Okay, Houston,
$ Here you can study open-source aerospace engineering materials curated by Alexander.

GitHub


Blockquote

“Space-based assets are critical to the modern military’s capability and form part of the critical national infrastructure of a modern economy. Being able to protect and defend the assets is critical to both military and to the day-to-day running of the modern economy.” - Dr Michael Holden


SpaceSec: The Next Giant Leap in Space Systems Security
Africa's Emerging Space Industry: Challenges and Opportunities