Keeping the U.S. defensive resources safe from cyberattacks means protecting systems in the remote locations throughout the world — and off-world.
Securing military satellites against cyberattacks has become increasingly important as various ground-based threats raise questions about vulnerabilities in cyber resources on the ground, in the air and in space.
The U.S. Army began to revise their security systems after an examination of combat networks revealed the branch’s cybersecurity wasn’t adequate against current enemy tools, Space News reported last month. The Army began the search for solutions to satellite jamming and holes in secure communication. Increased protection was needed as other nations and non-nation combatants get ahold of more sophisticated tools that could be used to target satellites during cyberattacks.
The threat of attacks against satellites has been on the U.S. military’s radar for years; the Pentagon announced in 2014 it was considering shifting to smaller satellites as a way to reduce vulnerabilities to physical attacks. At the time, Gen. William Shelton, then-commander of the U.S. Air Force Space Command, stated in a speech that China had missiles that could shoot down satellites.
But cyberattacks could be just as effective at turning a valuable military resources into little more than a floating hunk of junk.
Jeff Matthews, board member of the Space Frontier Foundation, a space advocacy non-profit, said companies that deploy satellites need to start considering cybersecurity as a top priority. Military satellites are particularly high-value targets, and the rise of general cyber capabilities by various nation states means military and civilians satellites alike should be protected before they become a liability.
“I am steadfast that additional means of engagement and collaboration on cyber risk strategies for new space should be an industry priority,” he said.
The Department of Defense declined an interview request for this article, stating it couldn’t discuss cybersecurity specifics to prevent giving attack advantages to adversaries.
One vulnerability in satellites in general that, if not secured, could be exploited is the method of overriding a satellite with an unauthorized uplink, Stephen Northcutt writes in a SANS Technology Institute analysis of satellite cybersecurity. By using an appropriate transmitter and upconverter, a signal could be sent out without security alarms going off. But if a signal is too large, the satellite could even be overwhelmed and wouldn’t be able to process its intended signals properly.
Sometimes, satellites can be overtaken to transmit signals for other entities, such as in the case of Sri Lanka-based group, the Liberation Tigers of Tamil Eelam, which have been labeled by the U.S. as a terrorist organization, pirating a U.S.-based satellite to send their own radio and television signals across the globe in 2007.
“However, to attack a satellite probably does not require nation-state space capability,” Northcutt writes, referring to satellites in general.
“Due to cost saving measures, the command and control channel to the satellite is unencrypted. The security is little more than a password. To hack such a system would require sophisticated and proprietary equipment, although with today’s Digital Signal Processing systems it is becoming trivial,” he said. “But, by the time it was noticed that a bird was put into a spin of death, the fuel is shot, there is very little fuel (and fuel is the primary limitation on the life span of a satellite), and there’s a $75 million dollar paperweight spinning in space.”
Matthews said there are various ways a cyberattack could take out a satellite. He said satellites, like other devices, need to be secured against software and hardware security flaws. One major problem that can happen as a result of cyberattacks is the loss of asset availability, such as the inability to control the satellite, to get data or to use the satellite for its intended purpose, such as surveillance or communication.
“In my opinion, the primary concerns, from a cyber perspective, revolve around denial-of-service, loss of C2 and transmission intercepts,” Matthews said via email. “A potential adversary or even an errant actor could potentially deny service by interrupting access to the satellite through disruption or attacks to the ground segments or blocking the communication signals themselves.”
“Additionally, performing a traditional man-in-the-middle attack — wherein data is intercepted between the satellite and its final destination — could be possible, subjecting the data to eavesdropping or manipulation,” he added.
Some of that preparation comes down to the the U.S. Air Force Space Command’s Space and Missile Systems Center, which is tasked with sustaining and protecting military space systems and DoD space systems. The center keeps those satellites working and resilient against attacks, including cyberattacks.
“Beginning with Operation Desert Storm in 1991, the contributions of these space systems to U.S. military superiority became steadily more apparent, and military commanders became more reliant on them,” the center states in its operational statement. “By the time Operation Iraqi Freedom was underway, space-based surveillance, communications, navigation and meteorology had added previously unimaginable speed and precision to American military operations.”
The center didn’t respond to request for comment, but it states on its website that it prepares for anti-satellite and missile defense missions. “SMC continues to provide the technological edge from the high frontier to our nation’s warfighters and allies.”