Modern civilization is utterly dependent on satellite infrastructure. Experts point to cyber threats as the primary disruptor of that relationship.
While it is no surprise that the military relies on satellites, people rarely wonder how much their daily lives also depend on these artificial moons.
A hacked satellite can be compromised in several ways. A hacker may disable the satellite’s communication abilities, cause heaters and thrusters to fire and damage the satellite’s electronics, or even damage the satellite’s hardware.
Some hackers have also been known to take the satellite’s control systems and disable the satellite’s systems, causing it to malfunction or crash. The risks of a hacked spacecraft are significant, and we need to take action now to protect our future from this danger.
It’s possible to hack satellites without compromising the mission of the satellite. Many of them are low-cost and do not use encryption for data. They also use off-the-shelf technology and have limited memory. That means hackers can easily analyse the parts and design to gain access to the satellite’s systems.
From a passenger or carpool driver to a stockbroker, almost everyone relies on superior satellite communications to get the digital services they need.
Power grids, cloud storage, air travel, financial transactions, location-based services, ATMs, and modern communications depend on a functioning satellite infrastructure.
Businesses that accept cashless payments, order goods from overseas, use the Internet to communicate, or rely on electricity for power would suffer major, if not fatal, business disruptions if the satellite technology that underpins those services were compromised.
According to Mathieu Bailly, head of the space business unit at CYSEC SA, a data security company, it is difficult to imagine the impact of a global attack on the satellite network.
“Strong dependence of many terrestrial services on satellites means that interruption or a shutdown of space services would be catastrophic,”
Weakness in numbers
Since 1957, when the Soviet Union launched the first Sputnik, various space agencies have put 10 to 60 satellites into orbit every year. This trend continued over the past decade, right up to the start of the commercialisation of space.
At that point, companies like SpaceX entered the market, and sending objects into space became much cheaper. Meanwhile, a number of startups developed small and capable satellites dubbed CubeSats. Dozens of such nanosatellites can fit on a single reusable rocket, reducing the cost of space exploration.
According to the Union of Concerned Scientists, over 1,300 new satellites were put into orbit in the first nine months of last year. That is 200 more than in the whole of 2020, and almost five times as many as in 2019.
But satellites are little more than computers in outer space – and no computer is immune to hacking. With their numbers increasing, so does the probability that a threat actor will try to hack into one.
“With more and more satellites in orbit, more data is collected and transmitted via these satellites. That means they are a more attractive target to cybercriminals,” Bailly explained.
So far, few threats have realistically posed a serious threat to global satellite infrastructure. Among the most devastating scenarios is a geomagnetic storm caused by a massive solar flare accompanied by an accelerated release of plasma from the sun. Known as Coronal Mass Ejection (CME), this can have catastrophic consequences for humanity.
In 1859, a geomagnetic storm – believed to be the largest of its kind in 500 years – destroyed the telegraph systems in North America and Europe, setting fire to communication poles and electrocuting operators.
Up until recently, another major threat, the Kessler Syndrome, was only theoretically possible.
“While cyber security and satellites have not often appeared together, the merging of these two areas will be a big focus in 2022.”-Dr. Eric Cole, former CTO of McAfee and chief scientist for Lockheed Martin
Named after former NASA scientist Donald J. Kessler, the theory suggests that orbital collisions between objects would cause a cascade in which each subsequent impact increased the likelihood of more collisions.
Taken to the extreme, Kessler’s syndrome would render the Earth’s lower orbit unusable for several generations.
However, a recent article by Charlotte Van Camp and Walter Peeters, researchers at the International Space University (ISU) in France, shows that it is neither the sun, nor the militarization of space, nor even the space debris that scientists are most concerned about.
A survey of more than 100 experts shows that cyber threats are considered the most important concern for satellite security.
Indeed, the darker scenario outlined by Kessler’s syndrome could stem directly from a hacked satellite, they say.
While hackers can attack a satellite’s software, they can also affect the data it carries. In the first case, the hacker can make use of the satellite’s GPS to decrypt the data.
Satellites operate in an extremely hostile environment. Thus, only the most valuable items, such as the Hubble Space Telescope, receive direct human maintenance in the event of a malfunction.
This means that most space facilities need to be as self-sufficient as possible.
With no prospect of maintenance or battery replacement, sustained efficiency is a critical component in satellite design.
“Whenever you have power as a design constraint, cyber security tends to take a back seat and not get addressed,” Dr. Eric Cole, a veteran cyber security expert,
As with many non-military systems, satellite cybersecurity may not be the device manufacturer’s primary concern. There is still little to no cyber security regulation for satellites, leaving security a rather optional feature.
“Satellites were built for functionality and had to fit into a very constrained design factor, therefore there are not a lot of security features, and the main reason they have not been attacked is because of easier targets [on Earth],” Cole explained.
Last year, ransomware, the practice of infecting computer systems with malware in order to extort funds, burst into the mainstream and became public knowledge.
The hacks of Colonial Pipeline, meat supplier JBS, and software supplier Kaseya showed just how vulnerable critical infrastructure is. Unfortunately, installations in space are almost no different.
Over the past couple of years, the ransomware business has become highly specialised. Partners rent ready-to-attack malware, look for dollar-rich targets, and buy entry from entry-level brokers.
“Because of the critical availability aspect, ransomware is a big threat to satellites.”-Dr. Eric Cole
The logic is brutally simple: the more expensive the downtime is for a business, the greater the likelihood of receiving a ransom. This is why hospitals, energy companies and large service providers are among the most profitable targets.
“Satellites are used for two primary purposes: communication and tracking. Therefore, if someone can hack these devices, those are the two attack vectors. And because of the critical availability aspect, ransomware is a big threat to satellites,” Cole said.
While many modern services, from crop monitoring to the global footprint of the Internet, rely on satellite infrastructure, there is no more lucrative goal than Global Navigation Satellite Systems (GNSS).
The best known GNSS is the US-owned and license-free Global Positioning System (GPS). Interestingly, the “positioning” section is just one of the reasons why GPS functionality is critical to the global economy.
GPS allows service providers to measure time with near-perfect accuracy around the world. This is why, for example, an ATM withdrawal in Beijing is registered with the user’s bank in Paris almost instantly.
Accurate time down to microseconds prevents unauthorized overdrafts and limits fraud.
The same is true for the global financial system. Transactions in a fraction of a second, the basis of any stock or cryptocurrency exchange, are only possible thanks to space infrastructure.
Even a brief interruption to such an essential system makes any ransom demand worthwhile, given what is at stake.
GPS, however, is operated by the military, which means there are many additional layers of security to protect the system.
Because the US government built the system, it is a bespoke machine, which makes it harder for non-state threat actors to breach it. But most of the new satellites run on standard hardware and software, breaking with the tradition of only using custom equipment in space.
With cyber security taking a back seat, many of these privately owned satellites could prove to be easy targets for ransom-hungry criminals.
Threat to modern society
The hacking of a satellite is a major threat to modern society and the impact could be massive. It could cause a global outage, crippling networks and leaving areas largely without communication services. Such disruptions are becoming more common, making the technology of a hacked satellite a prime target for malicious attackers.
The US Air Force has been targeting the global positioning system in recent years to find out how it can be hacked. The GPS is one of the most important satellites in the world, and a hacker could intercept the signal to spoof the system. The U.S. government is especially worried about these threats and has launched a competition to try to find solutions.
While a cyberattack on a single satellite would have limited effects, a large-scale attack on all satellites would cause major, even fatal, disruptions. For example, many businesses rely on satellites to deliver goods and services. Therefore, a hacked satellite could have devastating effects on these services. And a global attack on the satellite grid would cause global damage. However, it is important to note that even a minor hacking incident can affect a wide range of industries.
A hacked satellite can affect our daily lives, and disrupt the global network. Businesses that rely on satellites would be crippled, and the effects on human health and safety would be catastrophic. As long as these companies are able to protect the integrity of their satellites, a hacked satellite can be a real danger to the world.
Will 2022 see the first cyberattack on a space system disclosed publicly?
No one can tell, but statistically, considering the growth of the industry, it’s just a question of time. It will be a wake-call for all the operators that have been procrastinating on the topic.
While 2021 saw a tsunami of ransomware attacks, satellites and other space assets were not targeted by threat actors.
Dr. Eric Cole believes that as ransomware-as-a-service (RaaS) affiliates run out of easy targets, they will start eyeing other high-value targets, where victims cannot afford any downtime.
“Satellites fit perfectly into this category and based on the critical communication component; these attacks will make Colonial Pipeline look like small change,” Cole explains.
One of the main reasons attackers might start targeting satellites is that most older machines, which often run legacy systems, were not designed with cybersecurity in mind.