Why Satellite Cybersecurity Must Be Prioritized in the New Frontier
Resilience is the best bet to ensure mission continuity.
The space industry has experienced major changes in recent years: more federal contractors play the field, the U.S. is diverting NASA funds from space exploration to private-public partnerships, and the administration established the U.S. Space Force. Given these developments, 2020 sits poised to be a watershed year with rapid innovation in 5G and 6G, advances in private satellite technology and increased demand for global high-speed connectivity.
The expanding low Earth orbit, or LEO, access for new satellite communications players signals an opportunity for growth—and for the democratization and commercialization of space. With this in mind, federal agencies are adopting private-sector advancements that will impact the future of communications.
Federal Investments in Space
Satellites are just as cyber-vulnerable as any other technology, but the current focus on profitability, launch providers and mega-constellations are putting cybersecurity low on the priority list. Instead, it should be integrated across the value chain from conceptualization and development to launch and operation. After all, we’ve seen how poor cyber readiness can negatively impact even the most prepared government agencies and corporations.
While NASA is most commonly associated with space operations, eight U.S. federal organizations have space budgets, including the Defense and Energy departments, the National Science Foundation, the U.S. Geological Survey and others. These agencies use satellites in a variety of ways: think telecommunications in globally dispersed workforces, up-to-the-minute information on natural disasters or armed conflicts, research on population growth and density, awareness of weather patterns and more. Satellites provide a global, wide-lens perspective that can be invaluable to the government.
The Emergence of LEO
LEO satellites provide agencies with additional advantages because they move at a quicker rate and have lower latency due to their location in orbit, which helps agencies communicate more quickly to citizens and warfighters.
Nevertheless, all satellites have a complex structure and the various systems and programs required for operation—navigation, communications channels, onboard sensors, power generators—create a vast attack surface. And because these systems and components must work in harmony, it’s often nearly impossible to isolate or combat a threat without compromising the entire ecosystem. The world has already seen several instances of satellite interference by governments executing cyberattacks and blocking communications including jamming and spoofing capabilities in the ongoing conflicts in Syria and Ukraine by Russia.
Once an adversary has gained access to a satellite’s system, it’s easier for the bad actor to follow the communications path between a satellite and its “home base,” gain entry and infiltrate networks and systems up the chain. To ensure that an attack is prevented or mitigated, agencies should emphasize resilience and implement forward-looking technology solutions.
Building Resilience in the Cyber Supply Chain
To protect against cyberattacks, there is no one-size-fits-all solution. But resilience is the best bet to ensure mission continuity and support rapid reconstruction of existing capabilities—or deployment of an alternative. Resilience uses cyber threat intelligence to guide decisions, support agility and evaluate acceptable risk. Most agencies can achieve resilience simply by following current federal standards (including National Institute of Standards and Technology guidelines) and analyzing the data they are collecting from adversaries. Additionally, agencies can train their workforce to respond to attacks and test satcom systems for vulnerabilities.
In addition to building resilience, the emergence of a virtualized architecture is poised to fundamentally change the satcom industry in 2020. Transport virtualization allows users to seamlessly switch between waveforms and operate across networks, bands, satellites, orbits and constellations with commercial-off-the-shelf hardware. This capability will simultaneously address readiness, resilience, agility, logistics and operations while allowing satellites and their communications to hide in plain sight.
Transport virtualization will strengthen cybersecurity in satcom by increasing user visibility—allowing threats to be identified and isolated quicker so that an affected program can be frozen, and attackers won’t be able to spread. In addition, virtualization will solve major connectivity challenges, allowing agencies to connect to satellites at different bands and orbits, effectively changing connection without having to switch between proprietary hardware and software.
The emergence of large-scale commercial LEO access facilitates the expansion of satcom into a new space frontier. For the U.S. to fully capitalize on these developments, agencies can embrace strategic partnerships to leverage the cutting edge in space operations while building resilient, secure satellites.
Tera Garner is a cybersecurity specialist at Envistacom.