Cybersecurity in space: Why hacking has gone off world

According to experts at this month's RSA Conference, the need of safeguarding satellite systems has increased along with the importance of satellite communications, as dangers can come from everything from hackers to solar weather. — Image by freepik

As the importance of satellite communications has grown, so too has the importance of protecting those satellite systems, with threats that range from hackers to solar weather, said experts at this month's RSA Conference.

For example, last weekend's solar storm was more than just a pretty light display – it was also a major disruption and reminder of how dependent society is on reliable satellite connections. The solar flare was a serious problem for farmers who depend on precise GPS readings to guide their tractors, 404 Media reported. Unable to trust systems, many were forced to stop planting during a key part of the season.

Solar flares are becoming "more and more problematic" as daily life relies ever more on space-based technologies, said Manan Dalal, assistant CIO-satellites for the National Environmental Satellite, Data and Information Service (NESDIS), during the RSA Conference.

Satellite disruptions can affect everything from making global phone calls to predicting daily weather and forecasting where hurricanes will make landfall, Dalal said. A solar flare in 2023 disrupted radios worldwide, and one village in New York has already been planning for continuity should a future event like a major solar flare cause a monthslong Internet outage.

And space weather isn't the only threat – nation-states are increasingly interested in disrupting other nations' communications by targeting their space systems, which can affect military operations, said Mieke Eoyang, deputy assistant secretary of defense for cyber policy at the Department of Defense, during the same panel. One example is Russia's hack on the Viasat satellite network serving Ukraine.

Given the risks, governments need to ensure they can issue early warnings before significant solar events hit, Dalal said, and several panelists said more must be done to strengthen space cybersecurity.

Protecting space systems requires securing each of three tech layers: the technology on the ground, the equipment in orbit and the tech providing communication linkage between the two.

The ground side involves systems for processing data and disseminating information, Dalal said. But these are also the systems that are easiest for hackers to penetrate, Eoyang noted. That makes it especially important to ensure strong authentication methods are in place, technology is secure by design and other key cybersecurity principles are followed.

Meanwhile, communication between instruments in orbit and the ground systems must be encrypted and safeguarded against attacks like jamming or spoofing, Eoyang said.

Equipment in orbit also faces threat from external conditions. Making this tech safer could mean establishing international norms prohibiting anyone from conducting debris-causing activities in space, Eoyang said.

One challenge, however, is that significant technological advances are likely to occur during the 10 to 15 years that a satellite might remain in orbit, making obsolescence a serious problem, Dalal said.

"Once you launch the satellites into orbit, it's operational: We can't send somebody up there to fix any issues," Dalal said. "... You have to create systems where you need to accommodate for a little bit of these technology changes. One recent example I can give you: What happens when we're in the post-quantum world? Well, [for] our encryption systems up in space, I can't go up there and start working with them."

When it comes to space cybersecurity, government cannot do it alone.

Much of space tech is procured from vendors, and so government and industry need to communicate closely. Companies should share details about threats they're seeing, and government should share back actionable intelligence, Eoyang said. The Space Information Sharing and Analysis Center, or Space ISAC, is one effort to share space threat intelligence across the public and private sectors.

Policymakers in the US haven't yet set consistent, baseline cybersecurity requirements, which leaves companies to make their own, varying interpretations, said Tahara Dawkins, chief of staff at the National Space Council, during the panel.

But a federal interagency committee is currently working to craft minimum cybersecurity requirements for "federally procured national security civil space systems," which are due out this summer, Dawkins said. Also in the works: an implementation plan that will detail specific steps for putting into place the space system cybersecurity principles outlined in the Space Policy Directive-5. – Government Technology/Tribune News Service

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Hacker , Satellite communications


Next In Tech News

UN chief tells consumer tech firms: own the harm your products cause
Music labels sue AI companies Suno, Udio for US copyright infringement
Foxconn to invest $383 million in Vietnam circuit board plant, says state media
Riot Platforms seeks three board seats at Bitfarms after thwarted takeover bid
Shopify expands access to its AI-powered features to attract more businesses
CDK hack upends US auto industry, sending dealers back to paper forms
Beyond Nvidia: The search for AI’s next breakthrough
For this CEO, a creative culture is one where people trust they can speak up
Microsoft’s Copilot will let you join three meetings at once, but experts say it misses the point: ‘No one has ever wanted to be in a meeting’
Hikes, nosy neighbours afflict Zimbabweans in quest for mobile connection

Others Also Read