Photo: Space Foundation

COLORADO SPRINGS, Colo.— Cybersecurity in space architectures is going to be an all-hands effort requiring reworking flaws in legacy network systems and developing new platforms to counter attacks from adversaries. Experts from industry and the government discussed ways of coordinating cybersecurity efforts, with the knowledge that capable adversaries are already able to exploit weaknesses, at the Space Symposium on April 10.

[This story was published exclusively for Space Security Sentinel newsletter. Learn more and subscribe here]

Maj. Gen. John Olson, special government employee in the Defense Innovation Unit (DIU), set out the obvious — our No. 1 cybersecurity threat from a nation state is China. “That’s clear and unambiguous. But when we talk about the nexus of China, plus Russia, plus Iran, plus North Korea, this is a global capability, economically dynamic, militarily capable and constantly evolving,” he said.

We have now moved from a period of urgency to emergency, Olson said. “As we look at resilient and robust and responsive space systems, those are only possible with a similarly resilient, robust, multi-factor, multi-capable set of cybersecurity.”

Jeffrey Janicik, CEO and president of Innoflight, said the real cybersecurity challenge with space is that, when compared to modern industrial, terrestrial computing, “we’re still very small,” he said. “But there’s a lot to learn from those industries. We do use legacy systems. But there are a lot of weaknesses, and we can’t protect those.” His company works to provide cybersecurity in space vehicles with protected processors.

The approach that Chief Revenue Officer Kip Gering’s company, SpiderOak, takes is to work with the technology providers in space to eliminate the vulnerabilities through their platform.

SpiderOak’s platform is designed so that data commands transmitted across and within the architecture, even across architecture, are secured. “The message is authenticated. It’s authorized to be sent by the sender and received by the receiver. We can offer a level of encryption at the application layer,” he said.

Gering warned that networks used in space architectures now are flat, with all devices are connected to a single network segment. Once inside, an adversary can do whatever they want. “One of the things that we’ve been trying to address is how to deal with these flat networks that occur across these space architectures,” he said.

Erin Miller, the executive director of the Space Information Sharing and Analysis Center (ISAC), said that the members of the Space ISAC are primarily private sector, critical infrastructure owner operators who may be Low-Earth Orbit (LEO), Geostationary Orbit (GEO), or undersea operators. “So when we look at the threats and vulnerabilities, we had to take a global approach from the outset,” she said.

The ISAC operates a watch center in Colorado Springs where they track the adversary from the ground to space, she said, and also work with a number of different types of defense, commercial, and international companies.

In 2024 they designated a global hub in Australia. “What that means for us is that now we’re moving towards a 24/7 problem design approach with these private sector entities,” she said. “They’re sharing indicators of compromise, indicators of attack, and indicators of behavior.”

Space ISAC also signed a formal contract with NASA during Space Symposium she said, and recently designated a global hub in the U.K. Space ISAC has also been collaborating with U.S. Space Command for over a year now. “We actually have a liaison that sits in our watch center,” she said. “That’s an incredibly important partnership for us.”

What she said they have been seeing is a number of cyber criminals hoping to facilitate state-sponsored espionage campaigns. They are beginning to chain together multiple zero-day vulnerabilities to gain initial access, conducting remote execution, obtaining the credentials and implementing web shells and victim networks.

When asked what more can be done to protect space, Olson said that the industry needs not just a whole of nation, but a whole of team approach. “That team includes like-minded partners and allies. This is across the civil, commercial, national security, and intelligence side.”

What was learned about the first commercial space conflict in the Russia Ukraine war is the absolute imperative of commercial companies “moving at the speed of need and relevance,” he said. “This whole nation team or goal of global enterprise together has got to have unity command and unity of effort,” Olson said. “We need to be working more like that, with a sense of emergency. This a critical activity.”

Cybersecurity is about harnessing the traditional and non-traditional industry elements, accelerating and doing the same across key international partnerships as well, he said. “This is how we compete and win.”