Welcome to Cyberstrike Brief, your source for the latest cybersecurity insights in smart manufacturing.

Business Objectives, Security Strategies

Hacking Space: Cyber-Securing the Vulnerable Space Enterprise Ecosystem

Our dependence on satellites and their ground support counterparts for sensing and communication operations has opened the door to a new dimension of cyber threats.

by Chuck Brooks, President and Consultant, Brooks Consulting International | Jan 8, 2025

Hacking Space: Cyber-Securing the Vulnerable Space Enterprise Ecosystem

The space enterprise ecosystem is facing cybersecurity threats growing in both size and scope. As our industries and government become increasingly dependent on space as a mission-critical element of our communication and surveillance efforts, we need to prioritize the cybersecurity of the entire ecosystem.

The good news is that both industry and government have recognized the importance of security space systems and efforts are being made to upgrade defensive postures. Public Private cooperation has expanded.

A Space Systems Critical Infrastructure Working Group was established by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) last year. The group, which unites stakeholders in the space system’s critical infrastructure, is made up of representatives from government and business and functions under the auspices of the Critical Infrastructure Partnership Advisory Council (CIPAC).

I was privileged to be a member of that working group, and soon industry-focused recommendations and initiatives on cybersecurity for space systems will be made available. The role of the working group is especially important as networks are changing from terrestrial (land) based communications to the cloud, taking advantage of satellites to move data over large, international distances.

The Space Policy Directive-5 Cybersecurity Principles for Space Systems (SPD-5), the U.S’s first comprehensive cybersecurity policy for space systems spelled out the challenges:

“Space systems enable key functions such as global communications; positioning, navigation and timing; scientific observation; exploration; weather monitoring; and multiple vital national defense applications. These systems, networks, and channels can be vulnerable to malicious activities that can deny, degrade, or disrupt space operations, or even destroy a satellite. It is essential to protect space systems from cyber incidents in order to prevent disruptions to their ability to provide reliable and efficient contributions to the operations of the Nation’s critical infrastructure.”

Last year, the U.S. Air Force, the Federal Bureau of Investigation, and the National Counterintelligence and Security Center released a statement outlining how cyberattacks could compromise U.S. commercial enterprises as well as the country’s overall national and economic security by compromising U.S. space-related innovation and assets. The alert attested that:

“The intel shows that foreign threat actors are using cyberattacks and other techniques as a way to gain access to sensitive U.S. information for their own governments’ space programs. In some instances, unspecified foreign entities are strategically investing in joint business ventures and acquisitions, including targeting key supply chain nodes, as a way to gain access. Intel officials say other methods used by the spies include requests to visit industry facilities and attending industry conferences to try and obtain confidential information. The bulletin also warned U.S. space companies to be aware of foreign recruiters targeting individual employees with overseas work offers and consultant positions, as well as blatant offers to pay the employees directly in exchange for intellectual property.”

There are currently thousands of satellites in low Earth orbit and many more to come in the launch pipeline. They are vulnerable to hacking from both above and below. As a result, hackers now have more possible targets to choose from.

A case in point is the conflict between Ukraine and Russia. The global space sector was sent a large wake-up call by the cyberattack against the ViaSat satellite system, which occurred at the beginning of Russia’s full-scale invasion of Ukraine in 2022. When Russian troops invaded Ukrainian territory, a simultaneous cyberattack brought down thousands of modems from the satellite internet system. Worldwide connections were lost as a result of the attack.

Attacks on any of these vital space or ground-based components could disrupt an entire nation. Regarding communication, data processing, intelligence collecting, and national security, satellites, and space systems are at the forefront. The harsh circumstances and corresponding threats of space only increase the chances of a cyberattack on a space system. Securing space needs to be a forward-thinking priority

Learn More About:

Cyber Attack Prevention and Mitigation | Enterprise-Level Cybersecurity

About the Author

Chuck Brooks, President and Consultant, Brooks Consulting International

Chuck Brooks serves as President and Consultant of Brooks Consulting International. Chuck also serves as an Adjunct Professor at Georgetown University in the Cyber Risk Management Program, where he teaches graduate courses on risk management, homeland security, and cybersecurity. Chuck has received numerous global accolades for his work and promotion of cybersecurity. Recently, he was named the top cybersecurity expert to follow on social media, and also as one top cybersecurity leaders for 2024. He has also been named "Cybersecurity Person of the Year" by Cyber Express, Cybersecurity Marketer of the Year, and a "Top 5 Tech Person to Follow" by LinkedIn” where he has 120,000 followers on his profile. Chuck has keynoted dozens of global conferences and written over 350 articles relating to technologies and cybersecurity. As a thought leader, blogger, and event speaker, he has briefed the G20 on energy cybersecurity, The US Embassy to the Holy See and the Vatican on global cybersecurity cooperation. He has served on two National Academy of Science Advisory groups, including one on digitalizing the USAF, and another on securing BioTech. He has also addressed USTRANSCOM on cybersecurity and serves on an industry/government Working group for DHS CISA focused on security space systems. In his career, Chuck has received presidential appointments for executive service by two U.S. presidents and served as the first Director of Legislative Affairs at the DHS Science & Technology Directorate. He served a decade on the Hill for the late Senator Arlen Specter on Capitol Hill on tech and security issues. Chuck has also served in executive roles for companies such as General Dynamics, Rapiscan, and Xerox. Chuck has an MA from the University of Chicago, a BA from DePauw University, and a certificate in International Law from The Hague Academy of International Law.