25 August 2022

A New ‘Bumper Sticker’ for Space Satellites

Zhanna Malekos Smith

If space satellites wore bumper stickers, they'd probably echo Thomas Hobbes’ famous words that life is “nasty, brutish, and short.” Why the gloomy outlook? Cyber threats are unfortunately the “soft underbelly of our global space networks,” reasons Lieutenant General Stephen Whiting, commander of the U.S. Space Force’s Space Operations Command. The Ukraine war is also prompting military and commercial space leaders to pay greater attention to securing space systems from cyber threats. There are many paths to fortifying communications, navigation, and surveillance satellites from counterspace weapons, but the most resilient design methods integrate cybersecurity-informed engineering across the entire lifecycle of space systems.

Types of Counterspace Weapons

There are four different categories of counterspace weapons outlined in the CSIS Annual Space Threat Assessment. The first is kinetic physical counterspace weapons, such as Russia’s destructive direct-ascent anti-satellite (ASAT) missile test in November 2021; the second is non-kinetic physical like targeting satellites with lasers; the third is electronic-based weapons that can disrupt the transmission of radio frequency signals; and the fourth is cyber counterspace weapons. Focusing on the last category, cyber weapons can target both space satellites and ground-based systems by intercepting and monitoring data, corrupting data with malware, or even wresting control of the space system from the space operator. The war in Ukraine demonstrates how malicious cyber actors can manipulate several points of entry to exploit ground systems and the network equipment necessary to operate space systems.

The War in Ukraine

In February, Russian-state actors launched a cyberattack against Viasat Inc’s KA-SAT commercial satellites, disabling thousands of modems across Ukraine and Europe. According to a press statement by the State Department, Russia’s cyber operation had indiscriminate spillover effects across other European countries and disabled “tens of thousands of terminals outside of Ukraine that, among other things, support wind turbines and provide Internet services to private citizens.” Restoring Viasat’s communication networks was no small feat, U.S. National Security Agency's Director of Cybersecurity Rob Joyce recounted to Reuters. “After those modems were knocked offline it wasn't like you unplug them and plug them back in and reboot and they come back . . . They were down and down hard; they had to go back to the factory to be swapped out,” he said. On March 17, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) issued a threat advisory statement to satellite communication providers and customers, warning of potential cyberattacks against satellite systems. The statement encouraged organizations to implement mitigation measures and “significantly lower their threshold for reporting and sharing indications of malicious cyber activity.”

As an example, SpaceX founder and CEO Elon Musk announced that since deploying over 5,000 Starlink internet ground terminals across Ukraine during the course of the war, SpaceX has reprioritized “cyber defense & overcoming signal jamming” to quickly push new software updates and bypass interference. Starlink satellites provide an internet-service constellation system with low latency and can service more users in comparison with remote land-based systems. On May 10, Musk tweeted a threat update that Starlink terminals have successfully “resisted Russian cyberwar jamming & hacking attempts so far, but they’re ramping up their efforts.” Apart from Russian efforts to disrupt and degrade Starlink terminals, China may also have similar designs.

China

In April, the Chinese state-affiliated peer-reviewed journal, Modern Defense Technology, published an article by a team of Beijing-based researchers, calling for the Chinese government to develop countermeasures against SpaceX’s Starlink satellites. The article, “The Development Status of Starlink and Its Countermeasures,” recommends that the Chinese military “actively respond to the risks and dangers brought by the Starlink . . . to better safeguard China’s sovereignty and national security.” Why? According to the authors, some of whom have ties to research entities with the People’s Liberation Army (PLA), Starlink’s potential surveillance capabilities should concern the Chinese government because it could collect high-definition pictures and live video feeds of China. This concern is belied by the fact that Starlink satellite systems are equipped with optical sensors to track orbital debris, not surveillance, reports Spaceflight Now; in turn, this allows Starlink satellites to “autonomously avoid collisions with other objects in space.”

Interestingly, after the article was published, Modern Defence Technology removed it (pages 11–18) from the spring 2022 volume. One potential reason why, posits China defense theorist David Cowhig, is that the article may have violated the Modern Defense Technology’s Article Confidentiality Review Certificate to not reveal sensitive government information.

The proposition to target Starlink’s satellite communication technology is striking for several reasons. First, it signals that some Chinese researchers are worried about Starlink’s surveillance capabilities. Second, by recommending targeting Starlink—a commercial, private sector subsidiary of SpaceX with ties to the United States government—it communicates that the boundary line for engaging with an adversary in space should include targeting commercial industry space operations in addition to military space operations. SpaceX clients include NASA and the U.S. military, among others. Third, the proposition indicates a disregard for considering the second-order and third-order effects that flow from targeting commercial space infrastructure that provide essential services to both civilian and military users, such as Galileo, the European global-based satellite navigation system. It this special nexus between commercial and military space satellite systems and the interconnected threat environment, which is shaping public discourse on whether space systems should be declared as critical infrastructure in the United States.

Cyber Threats to Space Systems Jeopardize U.S. Critical Infrastructure

The United States’ first statement on Cybersecurity Principles for Space Systems, known as Space Policy Directive 5 (SPD-5),encourages government agencies to work with commercial companies to secure space networks and systems. Enacted in 2020, SPD-5 helped reinvigorate a national dialogue on the importance of cybersecurity-informed engineering, leading to CISA’s creation of a Space Systems Critical Infrastructure Working Group in 2021. This group studied how to minimize risk to space systems that support national critical infrastructure. It is notable, however, that space systems have not yet been included on the Department of Homeland Security’s (DHS) list of 16 designated critical infrastructure sectors.

It is unclear why DHS has not awarded this designation, especially given that DHS’s updated Space Policy recognizes the interconnected nature of space-based systems in supporting commercial and government systems. In May, DHS publicly unveiled its new policy, noting that space-based systems are increasingly playing a significant role in securing the homeland and supporting our allies and partners. The DHS Space Policy articulates several lines of effort to prioritize protecting commercial and government space-based systems. For example, advocating for “integrating cybersecurity principles for all phases of space systems design, development, acquisition, deployment, and operation across the industry.” DHS’s ambition to implement cybersecurity practices across the entire lifecycle of a space system is a laudable first step; however, enhanced collaboration and coordination with private and public sector actors is needed to support SPD-5. Apart from protecting commercial space operations from cyber threats, U.S. Air Force and Space Force senior leaders are also wary of how to stay abreast of evolving cyber threats to space systems in order to maintain leadership and freedom of action in space. According to Commander Whiting, the U.S. Space Force is concerned that actors like North Korea and Iran could employ cyber counterspace weapons against U.S. satellites to contest access to space. To that point, the Department of Defense’s Defense Space Strategy Summary recites that “China and Russia present the most immediate an serious threats to U.S. space operations, although threats from North Korea and Iran are also growing.” Looking ahead, the Space Force will integrate more cyber specialists to defend military satellite networks and support units that operate communications and surveillance satellites.

Policymakers and industry leaders should continue to work together in building upon the vision outlined in SPD-5 to ensure a resilient, cybersecurity-informed design approach is utilized. Based on the interconnected nature of these threats to commercial and government space systems, policymakers should designate space systems as critical infrastructure. This designation would better enable sharing threat information across sectors, implementing risk mitigation plans, and ensuring cybersecurity best practices principles are integrated across the lifecycle of space systems. It is time for space systems to wear a new bumper sticker as national critical infrastructure.

No comments: