Our world relies on satellite systems. Examples include the GPS constellation for position knowledge, science missions to study the universe and the Earth, defensive satellites to monitor adversarial tactics and to keep astronauts safe on the International Space Station. Mega-constellations, such as SpaceX’s Starlink, pose even greater challenges to protecting space assets from cyber threats.
A recent space policy directive underscores the need for defensive cyber countermeasures to prevent disruptions to the Nation’s ability to provide reliable and efficient contributions to the operations of critical infrastructure. The directive not only addresses cyber issues from non-space domains, such as software cybersecurity, but also provides guidelines for specific space-domain applications, such as protection of ground systems from physical attacks.
Cyber threats identified by the National Air and Space Intelligence Center (NASIC) are shown below. They span four segments: space, ground, link, and user. Clearly, the space cyber area involves more than just cybersecurity of ground and space assets. Without accounting for the interplay between all four segments, any space mission may be compromised through a variety of avenues within and across the segments.
Several space cyber events have already occurred. For example, using a ground antenna, a foreign-based cyber-espionage group hacked a satellite internet provider to hide cyber-espionage operations against countries ranging from the U.S. to the former Eastern Bloc. Another example involves a foreign-based government using GPS jammers on several hundreds of thousands of cellular towers to disrupt the navigation of incoming missiles from the U.S.
The complex problem of identifying and mitigating cyber threats to space systems requires a comprehensive, unified and systematic policy solution to guide the efforts to protect space assets and services.