VisionSpace Blog

View Original

Cybersecurity and Defense: How Vulnerable Are Space Assets?

With the development of the space industry, the number of threats has also increased at a fast pace. And as expected, warfare is also happening in cyberspace. The more military and civilians’ infrastructures are connected to the internet, the more they are vulnerable to cyberattacks. The creation of a U.S. Space Force reflects the importance of space tech to national security. In order to avoid digital disruption, countries started investing in cybersecurity for their cyber defense, and a growth in those investments is expected for the aerospace and defense sector.  

The growing opportunities for commercial companies also draw attention from adversaries capable of developing anti-satellite weapons. The evolution of those threats to on-orbit assets shows that it is critical to deal with the subject innovatively, taking into consideration leadership and acquisition, but without overlooking cybersecurity of space assets vital to national infrastructure. It is also necessary to protect the spacecraft after its launch, considering space systems on-orbit are equipped with hardware and susceptible to cyberattacks.   

The reason why it is necessary to think about acquisition is that, as said by Lt. Gen. John “J.T.” Thompson, commander of the U.S. Air Force Space and Missile Systems Center (SMC), “to stay ahead of our adversaries in space and to provide more capability for all our warfighters.”  At the moment, neither space policy nor cybersecurity is fully prepared to deal with the emergent threat to nation-state space tech, demanding additional defense plans.   

Reasons for cyberattacks

Some of the reasons for cyberattacks are to steal intellectual property and to have an advantage in domestic aerospace and defense capabilities, develop countermeasures, create disruptions on the battlefield and produce tech to sell in the global military market. Also, collect info to monitor, infiltrate, and disturb nations’ systems and defense, by identifying critical technologies and finding vulnerabilities in them.

 With the information accessed, adversaries, such as hackers, can provide their sponsor countries with information that gives them military and economic advantages, reducing investments of money and time in research, being able to have the price advantage in the product sale.   

Cyber espionage is at a record level with the number of surveillance and remote sensing satellite growing. Also, third parties and supply chains are targets of hackers looking for access to leading institutions in the same network.  

According to FireEye, a cybersecurity company, some of the groups that are under threat are:   

  • Aerospace and defense parts wholesalers;  

  • Aerospace and products and parts manufacturing;   

  • Aircraft engine and space vehicle manufacturing;  

  • Industrial and military computer system manufacturing.   

And the data stolen from aerospace and defense organization were related to:   

  • Budget information and business communication;  

  • Equipment maintenance records and specifications;  

  • Organizational charts and company directories;  

  • Personally identifiable information,   

  • Product designs or blueprints and production process;  

  • Proprietary product or service information;  

  • Research reports and testing results and reports;  

  • Safety procedures;  

  • System log files.  

Some of the attacks that can happen are:  

  • State-of-health anomalies: radiofrequency (R.F.) interference causing abnormal health data;   

  • Command sequence anomalies: Sending abnormal commands with the goal to take control of a satellite; 

  • Firewall traffic data disruption caused by malware with unknown signatures;  

  • Abnormal data trends: although the values are within normal bound, time-series data is abnormal.  

What has been done

It is necessary to identify vulnerabilities before an attack by monitoring capabilities. Also, it is critical to secure the ground system and its computer networks responsible for the communication and flight instructions with satellites. An effective cyber strategy includes prevention, detection, identification, stopping, destroying, and recovery. 

  • Aerospace.org developed Eirene Sceptre; it is a cyber defense toolkit for cyber monitoring, end-point protection, and zero-day attack protection. Based on nominal data footprints and signatures, Eirene can send earlier indicators and cyber alerts. For that, the system counts on machine learning (ML) and space-focused intrusion detection components, integrated with commercial off-the-shelf (COTS) programs. The system is also being integrated with other cybersecurity tools for monitoring the security of USA’s space assets.   

  • Another project from Aerospace.org is The Watcher, and it focuses on detecting cyber intrusions. For that, the system uses artificial intelligence (A.I.), which learns the normal states of the spacecraft. The Watcher can detect suspicious activity on a satellite and can detect malicious commands, malware, and software implants inserted after a spacecraft’s launch. The software is also able to act before commands are executed and can be uploaded to a space vehicle on-orbit. 

Cybersecurity for space assets is becoming more critical every day, and investments have been made. However, the development of threats also evolves at a fast pace, and still, neither space policy nor cybersecurity is fully prepared to deal with them. Do you know any interesting solution in the marketing? Share with us.

For more in Cybersecurity and space tech, click here. Follow us on LinkedinTwitter, or Facebook to get our updates. 

Article written by Juliane Verissímo - Marketing Department of VisionSpace