. 24/7 Space News .
SPACEWAR
Hackers could shut down satellites - or turn them into weapons
by William Akoto, University of Denver
Denver CO (The Conversation) Feb 14, 2020

thy're out there

Last month, SpaceX became the operator of the world's largest active satellite constellation. As of the end of January, the company had 242 satellites orbiting the planet with plans to launch 42,000 over the next decade. This is part of its ambitious project to provide Internet access across the globe. The race to put satellites in space is on, with Amazon, U.K.-based OneWeb and other companies chomping at the bit to place thousands of satellites in orbit in the coming months.

These new satellites have the potential to revolutionize many aspects of everyday life - from bringing Internet access to remote corners of the globe to monitoring the environment and improving global navigation systems. Amid all the fanfare, a critical danger has flown under the radar: the lack of cybersecurity standards and regulations for commercial satellites, in the United States and internationally. As a scholar who studies cyber conflict, I'm keenly aware that this, coupled with satellites' complex supply chains and layers of stakeholders, leaves them highly vulnerable to cyberattacks.

If hackers were to take control of these satellites, the consequences could be dire. On the mundane end of scale, hackers could simply shut down satellites, denying access to their services. Hackers could also jam or spoof the signals from satellites, creating havoc for critical infrastructure. This includes electric grids, water networks and transportation systems.

Some of these new satellites have thrusters that allow them to speed up, slow down and change direction in space. If hackers took control of these steerable satellites, the consequences could be catastrophic. Hackers could alter the satellites' orbits and crash them into other satellites or even the International Space Station.

Commodity parts
Makers of these satellites, particularly small CubeSats, use off-the-shelf technology to keep costs low. The wide availability of these components means hackers can analyze them for vulnerabilities. In addition, many of the components draw on open-source technology. The danger here is that hackers could insert back doors and other vulnerabilities into satellites' software.

The highly technical nature of these satellites also means multiple manufacturers are involved in building the various components. The process of getting these satellites into space is also complicated, involving multiple companies. Even once they are in space, the organizations that own the satellites often outsource their day-to-day management to other companies. With each additional vendor, the vulnerabilities increase as hackers have multiple opportunities to infiltrate the system.

Hacking some of these CubeSats may be as simple as waiting for one of them to pass overhead and then sending malicious commands using specialized ground antennas. Hacking more sophisticated satellites might not be that hard either.

Satellites are typically controlled from ground stations. These stations run computers with software vulnerabilities that can be exploited by hackers. If hackers were to infiltrate these computers, they could send malicious commands to the satellites.

History of hacks
This scenario played out in 1998 when hackers took control of the U.S.-German ROSAT X-Ray satellite. They did it by hacking into computers at the Goddard Space Flight Center in Maryland. The hackers then instructed the satellite to aim its solar panels directly at the sun. This effectively fried its batteries and rendered the satellite useless. The defunct satellite eventually crashed back to Earth in 2011. Hackers could also hold satellites for ransom, as happened in 1999 when hackers took control of the U.K.'s SkyNet satellites.

Over the years, the threat of cyberattacks on satellites has gotten more dire. In 2008, hackers, possibly from China, reportedly took full control of two NASA satellites, one for about two minutes and the other for about nine minutes. In 2018, another group of Chinese state-backed hackers reportedly launched a sophisticated hacking campaign aimed at satellite operators and defense contractors. Iranian hacking groups have also attempted similar attacks.

Although the U.S. Department of Defense and National Security Agency have made some efforts to address space cybersecurity, the pace has been slow. There are no cybersecurity standards for satellites and no governing body to regulate and ensure their cybersecurity. Even if common standards could be developed, there are no mechanisms in place to enforce them. This means responsibility for satellite cybersecurity falls to the individual companies that build and operate them.

As they compete to be the dominant satellite operator, SpaceX and rival companies are under increasing pressure to cut costs. There is also pressure to speed up development and production. This makes it tempting for the companies to cut corners in areas like cybersecurity that are secondary to actually getting these satellites in space.

Even for companies that make a high priority of cybersecurity, the costs associated with guaranteeing the security of each component could be prohibitive. This problem is even more acute for low-cost space missions, where the cost of ensuring cybersecurity could exceed the cost of the satellite itself.

To compound matters, the complex supply chain of these satellites and the multiple parties involved in their management means it's often not clear who bears responsibility and liability for cyber breaches. This lack of clarity has bred complacency and hindered efforts to secure these important systems.

Regulation required
Some analysts have begun to advocate for strong government involvement in the development and regulation of cybersecurity standards for satellites and other space assets. Congress could work to adopt a comprehensive regulatory framework for the commercial space sector. For instance, they could pass legislation that requires satellites manufacturers to develop a common cybersecurity architecture.

They could also mandate the reporting of all cyber breaches involving satellites. There also needs to be clarity on which space-based assets are deemed critical in order to prioritize cybersecurity efforts. Clear legal guidance on who bears responsibility for cyberattacks on satellites will also go a long way to ensuring that the responsible parties take the necessary measures to secure these systems.

Given the traditionally slow pace of congressional action, a multi-stakeholder approach involving public-private cooperation may be warranted to ensure cybersecurity standards. Whatever steps government and industry take, it is imperative to act now. It would be a profound mistake to wait for hackers to gain control of a commercial satellite and use it to threaten life, limb and property - here on Earth or in space - before addressing this issue.The Conversation

William Akoto is a postdoctoral research fellow at the University of Denver. This article is republished from The Conversation under a Creative Commons license.


Related Links
Military Space News
Military Space News at SpaceWar.com


Thanks for being there;
We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain.

With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords.

Our news coverage takes time and effort to publish 365 days a year.

If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Monthly Supporter
$5+ Billed Monthly


paypal only
SpaceDaily Contributor
$5 Billed Once


credit card or paypal


SPACEWAR
Iran denies satellite programme has military dimension
Tehran (AFP) Feb 12, 2020
Iran's government on Wednesday rejected US allegations that the Islamic republic's satellite programme has a military dimension, days after the failed launch of its latest satellite. "The subject of satellite launch vehicles and satellites is a civilian matter," Defence Minister Amir Hatami was quoted as saying by state news agency IRNA. "We could use a satellite for defence purposes, but the satellite launcher is a completely non-defensive subject and it's the definite and absolute right of the ... read more

Comment using your Disqus, Facebook, Google or Twitter login.



Share this article via these popular social media networks
del.icio.usdel.icio.us DiggDigg RedditReddit GoogleGoogle

SPACEWAR
The science behind and beyond Luca's mission

Record-Setting NASA Astronaut, Crewmates Return from Space Station

Record-breaking US astronaut returns to Earth

NASA astronaut's record-setting mission helps scientists for future missions

SPACEWAR
Getting your payload to orbit

Aerojet Rocketdyne nets $12.1M for anti-hypersonic missile program

Aerojet Rocketdyne wins DARPA hypersonic propulsion technology contract

Systima Technologies expands workforce to support hypersonic programs

SPACEWAR
MAVEN explores Mars to understand radio interference at Earth

Mars' water was mineral-rich and salty

Russian scientists propose manned Base on Martian Moon to control robots remotely on red planet

To infinity and beyond: interstellar lab unveils space-inspired village for future Mars settlement

SPACEWAR
China's Long March-5B carrier rocket arrives at launch site

China to launch more space science satellites

China's space station core module, manned spacecraft arrive at launch site

China to launch Mars probe in July

SPACEWAR
Maxar Technologies will build Intelsat Epic geostationary communications satellite with NASA hosted payload

Arianespace and Starsem launch 34 OneWeb satellites to help bridge the digital divide

Australia's first space incubator seeks global applicants for 2020 program

RUAG Space dispenses another batch of Airbus OneWeb satellites

SPACEWAR
First time controlling two spacecraft with one dish

Amazon wants Trump testimony about huge Pentagon contract

New threads: Nanowires made of tellurium and nanotubes hold promise for wearable tech

In Norway, bottles made of plastic are still fantastic

SPACEWAR
NASA's Webb will seek atmospheres around potentially habitable exoplanets

To make amino acids, just add electricity

AI could deceive us as much as the human eye does in the search for extraterrestrials

NESSI comes to life at Palomar Observatory

SPACEWAR
Pluto's icy heart makes winds blow

Why Uranus and Neptune are different

Seeing stars in 3D: The New Horizons Parallax Program

Looking back at a New Horizons New Year's to remember









The content herein, unless otherwise known to be public domain, are Copyright 1995-2024 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. All articles labeled "by Staff Writers" include reports supplied to Space Media Network by industry news wires, PR agencies, corporate press officers and the like. Such articles are individually curated and edited by Space Media Network staff on the basis of the report's information value to our industry and professional readership. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. General Data Protection Regulation (GDPR) Statement Our advertisers use various cookies and the like to deliver the best ad banner available at one time. All network advertising suppliers have GDPR policies (Legitimate Interest) that conform with EU regulations for data collection. By using our websites you consent to cookie based advertising. If you do not agree with this then you must stop using the websites from May 25, 2018. Privacy Statement. Additional information can be found here at About Us.