One of the greatest takeaways from the war in Ukraine is the unprecedented reliance on commercial technology shaping the conflict. This, combined with the global interconnectedness and interdependence of today’s technology, expands the attack surface well beyond the traditionally geographically confined aspects of war. In this particular conflict, the space industry has played a more prominent role in demonstrating how risks to infrastructure supporting war efforts could put infrastructure at risk in other parts of the world.
With reliability on space systems only increasing, it is critical to understand the expanding attack surface of space-based networks. And more importantly, we must find ways to defend them. Satellite launches are at an all-time high and the barrier to entry in space is lower than ever before. Space technology promises to improve communication speeds, navigation accuracy, trade efficiency, advanced manufacturing, biotechnology, and raw material access among many other advantages. And, just between 2020-2030, space exploration is expected to generate $1.2T in revenue. These advancements in space are happening at an extraordinary pace compared to recent years and increase risk and opportunity for all.
Space-Based Systems: Ubiquitous, Software-Defined and Open to Attack
As we embrace this new era where day-to-day activities are dependent on access to space systems, cybersecurity is beginning to play a greater role in the industry than ever before. And we need to be ready for unlikely interconnections that expand the attack surface. For example, a cyber-attack that targeted Viasat network communications over Ukraine had unexpected cascading effects in other parts of the world. In Germany alone, the event knocked out 11 gigawatts worth of wind energy turbines. This event highlights how reliance on space assets, combined with their interconnectedness, can expand the attack surface beyond the intended target, putting critical infrastructure at risk, in some cases.
Not only are satellites more ubiquitous and more interconnected to other technologies and services, but today’s satellites are also more software-defined than they have been historically. This creates many advantages, like pushing updates to satellites in real-time to patch vulnerabilities or enable new features in response to demand and threats. But it also creates new risks.
As satellites adopt common platforms and cloud-based solutions, they are more broadly susceptible to software supply chain impacts that may ripple through a system. And, the sheer number of endpoints in these satellite networks has also expanded opportunities for malicious actors. This only becomes more concerning when we consider that space systems in particular are not only vulnerable to cyber events, but they are also susceptible to physical, signal, and electronic attacks.
In addition to the structural changes to space systems over the years, recent events in Ukraine also demonstrated that space assets are viable targets during geopolitical events. SpaceX’s Starlink provided complimentary satellite-enabled internet service to Ukraine at the onset of the Russian invasion following the Viasat outage. Legal experts say this move deemed Starlink a viable military target. This case demonstrates that geopolitical events and business decisions related to space assets are interrelated in today’s environment.
No International Standards for Outer Space or Cyberspace
Adding to the challenge that privately-owned space assets are now on the front lines of conflict, the world lacks any international norms of behavior for today’s and tomorrow’s space ecosystem. The only widely recognized international space agreement is the Open Space Treaty of 1967 — which was adopted long before the recent uptick in commercial activity in this domain.
The same way the world lacks internationally agreed upon norms for operating in cyberspace, outer space is seeing many close encounters ranging from espionage to intentional physical tampering, to near collisions in orbit, and now cyber-attacks on space infrastructure. Without a clear space policy or updated international agreements on norms or rules of the road in space, understanding the true attack surface becomes more challenging and the risk of geopolitical escalation only increases.
Since the Russian invasion of Ukraine, LookingGlass analysts have been monitoring for threats against commercial satellite providers. We continue to observe interest on dark web forums in commercial satellite imagery companies and communications companies, in particular. As we have reported in our Cyber Monitor, Russia and China have expressed interest in targeting satellites and developing new capabilities to counter satellite systems in times of conflict.
A New Frontier for Attack Surface Management
The space industry needs to adapt to these changes in interconnectivity, new vulnerabilities, and greater cyber and geopolitical risk. As they do this, strong cyber intelligence is key. LookingGlass provides attack surface management enhanced with worldwide dark web monitoring that has identified threats to specific companies, including defense contractors.
The LookingGlass platform helps illuminate attack surfaces by identifying what assets are actually on an organization’s network, how many entry points there are to the open internet, and relevant adversary or criminal activity that pose threats to the entire system. It is never too early to map out your attack surface and prepare for these new risks.
For more insights from LookingGlass leadership on the future of cybersecurity in the space industry, check out the Cybersecurity 2022 and the World Economic Forum’s Will the Battle for Space Happen on the Ground? both featuring LookingGlass CEO Bryan Ware.