FT: A global satellite blackout is a real threat; how to counter a cyber-attack?

by John Thornhill, Innovation Editor at the Financial Times (FT)

What if the satellite communications networks encircling our planet ever go down?  Mobile phones will stop working, navigation systems will crash, television screens will go dark and financial transactions will fail.

The three most likely ways this might happen are: an intense geomagnetic storm resulting from a solar flare like that which occurred in 1859, known as the Carrington event; a cascading collision of space debris, called the Kessler effect; or a deliberate cyber attack.

On Sunday, a SpaceX rocket blasted off from Cape Canaveral with a special payload designed to reduce the last of those dangers. On board was a US government Moonlighter satellite, described as “the world’s first and only hacking sandbox in space.”

Once the satellite is deployed, five so-called “white hat” — or ethical — hacking teams at the Hack-A-Sat 4 competition in Las Vegas will try to hijack the Moonlighter and win a $50,000 prize for exposing its vulnerabilities.

“With Moonlighter, we’re trying to get in front of the problem before it is a problem,” one project leader told The Register.

Last year, on the day Russia invaded Ukraine, hackers launched a malware attack against Viasat’s KA-SAT satellite. They temporarily disrupted the communications of thousands of broadband users in Ukraine, as well as in Poland, Italy and Germany, where 5,800 wind turbines were also affected.

“We are all aware that the first ‘shot’ in the current Ukraine conflict was a cyber attack against a U.S. space company,” Kemba Walden, America’s acting national cyber director, has said.

Leaked CIA intelligence, reported by the Financial Times this year, warned that China was also building sophisticated cyber weapons to “deny, exploit or hijack” enemy satellites. The U.S. has not revealed its own offensive capabilities in this domain. But it is not only Chinese spy balloons Washington is worrying about. Whereas space used to be solely the domain of nation states, private companies are increasingly dominating the game as launch costs fall and satellites shrink in size.

Last year, the U.S. launched 1,796 objects into space, 32 times more than in 2000. The lines between the military and civilian have also blurred as a result of dual-use applications, such as global positioning systems, making commercial satellites a target. And because of the difficulties of fixing satellites in space, designers add a lot of back-up parts, increasing the “attack surfaces” that hackers can exploit.

Viasat says it has learnt lessons from last year’s attack and has strengthened its defences. Basic cyber hygiene is essential in every link in the communications chain (the hackers accessed a misconfigured ground-based virtual private network appliance). Constant vigilance is required: the US company has been persistently attacked since the war began. And rapid response teams must be ready to re-establish control if a system is compromised.

“Anybody who claims perfect security is either lying or they do not know what they are talking about,” Craig Miller, Viasat’s president of government systems, tells me. “You have to be able to respond very quickly.”

There are three main ways to hack a satellite, according to James Pavur, a cyber security engineer at Istari, a US start-up. The first target is ground infrastructure, the most accessible attack surface but usually the best protected. Then, hackers can aim to intercept wireless communications between ground stations and the satellites — or spoof them. The third, and hardest, approach is to go after the “bird in orbit” by building, or exploiting, security backdoors in satellite components. So operators must secure their entire supply chain.

Most hacking attacks are hard to trace. Only four countries have the known capability to take out a satellite with a rocket — the US, China, India and Russia — although such attacks risk triggering the Kessler effect. But anyone from anywhere at any time can hack software. White hat hackers are a particularly valuable community in helping to secure critical satellite infrastructure, argues Pavur.

“There is a mindset of security through obscurity. But a sufficiently motivated adversary will find an ‘exploit’,” he says. Far better to discover those vulnerabilities first and fix them rather than trying to shelter in obscurity. The idea of crowdsourcing security sounds like an oxymoron. But white hat hackers have won round sceptics over the past decade. As software developers say: “Given enough eyeballs, all bugs are shallow.” That rule may even apply in space.

Write to: [email protected]