This post is also available in:
עברית (Hebrew)
Researchers from California Polytechnic State University published a report stating that with governments and other space organizations focusing on the dangers of space debris and kinetic conflicts in orbit, they could be missing much more sinister threats.
“A failure to imagine novel scenarios is a major risk in being taken by surprise and severely harmed by threat actors who are constantly devising new ways, inventive and resourceful ways, to breach the digital systems that control our wired world… To stay vigilant, defenders likewise need to be imaginative to keep up in this adversarial dance between hunter and prey in cybersecurity,” the report states.
The researchers developed a ‘scenario-prompt generator’ called the ICARUS matrix, which is based on possible threat actors or agents, their motivations and methods, potential victims or stakeholders, and the particular damage intended. The report focused on 42 scenarios, including all the more predictable cybersecurity risks like insider threats, AI vulnerabilities, false-flag attacks, communications jamming, and ransomware during a launch – some of which have already happened.
According to Cybernews, some examples of past space cyberattacks include the jamming of HBO’s satellite TV services in 1986 (by a satellite operations engineer), NASA satellites being taken over for several minutes in 2007 and 2008, and Russia blocking access to satellite internet services in Ukraine on the day the war began in 2022.
Furthermore, the report mentions other scenarios such as hacking 3D printers to produce built-to-fail parts, hijacking rockets and directing them at targets on the ground, or even using the light from the sun and concentrating it as a weapon.
The researchers also bring up “space piracy” as a possible future issue, explaining that with bases and settlements on other planets, pirates could sever communications and misdirect supply transports.
They also mention today’s cyber risks to smart homes, only increased tenfold when applied to space environments – “Consider a DDoS attack that disables, say, electronic door locks across a space settlement, similar to how DDoS attacks can crash websites as well as physical systems, such as Internet of Things or connected devices.”
In response to these growing worries in the space sector, both NASA and ESA have updated their cybersecurity policies in the last six months:
ESA emphasized the risk of rogue states using a compromised ground station to interfere with a satellite’s command-and-control communications and intercept valuable information, or even use lasers to blind a satellite from the ground. They also mentioned that terrorist groups could use satellite jammers to interfere with a satellite’s signal, send fake alerts, eavesdrop, or infect the satellites with malware.
NASA’s new policy warns that threat actors could exploit a mission’s ground systems to tamper with a spacecraft’s systems, calling for a continuous process of mission security risk analysis and risk response while advising organizations to apply the principles of domain separation and least privilege designs to help avoid supply chain attacks.
