Expert Paints Bleak Picture of Cyber Threat to Space Industry
Last year, David Livingstone, an associate fellow at Chatham House, one of the world’s leading think tanks in foreign affairs and security, co-authored, with Patricia Lewis, a Chatham House research paper on space and cyber. Via Satellite was able to spend some time talking to Livingstone about the research paper and why he thinks the satellite industry is woefully underprepared right now to deal with emerging cyber threats.
VIA SATELLITE: Cybersecurity is a term we hear a lot at our events and in our publications. What do companies in the aerospace and satellite sector need to do to keep their networks safe?
Livingstone: The research paper on space and cyber, which reported in September last year, was part of our more general cybersecurity thread that we have been developing over the past five years or so. We chose this topic as we had an instinct that the space supply chain was not behaving particularly well in cyberspace. Why is space worthy of particular investigation when it comes to cyber?
We are now coming into the third era of space. The first era was really represented by programs such as Sputnik and the Apollo missions, which were about national prestige. We then went, in the second era, to heavily technological space missions such as very large communications satellites, and Earth Observation (EO) satellites, which provided data for scientific communities, and we also observed the advent of precise navigation and timing systems such as GPS. So, the background of space has been biased toward scientific goals, but now we are entering the third era, which is commoditization of space in which the provision of enabling infrastructure and the provision of services is being catalyzed by low cost access to space and payloads becoming smaller and more efficient.
Bandwidth is becoming cheaper. EO data is becoming cheaper, and regarding the internet rather than taking the more expensive route — i.e. by fiber around the world — much of the communications data is being routed through ever more capable and resilient space systems. The result of this migration and capability development is that the world is now coming to the point where space is becoming embedded in national infrastructure, national living, the way we conduct our lives.
When it comes to public organizations, we have some significant shortfalls when looking at security. What are the implications of poor cybersecurity in space? For example, communications satellites could get disabled, jammed or disrupted with a resulting reduction in bandwidth. If these types of satellites became non-functional then communications providers would have to go back to fiber whose systems could become overloaded. You have Global Navigation Satellite Systems (GNSS) such as GPS and Galileo, which not only provide accurate pinpointing capability, but also the precise timing needed for a whole range of systems, such as time division multiple access radio systems, and also the timing function (down to milliseconds) for fast trading systems in stock exchanges around the world. These systems, which require highly precise timing, can be influenced by jamming. You can also have a more sophisticated threat in terms of spoofing which, despite everything looking normal on, for example, an electronic navigation chart, the navigation signals are mutated to subtly alter the resultant positioning. For example, you can interfere with a crude tanker’s navigation system causing it to run aground.
Our Chatham House research established that no one is really getting to grips with the problem internationally. What is being done to counter the threat? What can be done to counter the threat? We have found a void.
VIA SATELLITE: What can the satellite industry learn from other industries in terms of protecting its space assets?
Livingstone: All industrial sectors have their own particular problems in cyber. But there are always common threads in terms of threats and responses. But I think we can point back to some things that really do work, either within a single enterprise, or how enterprises can work together to share information on threat, and also “what works” in trying to combat cyber insecurity. So, for example, there is a high level of collaboration within financial services organizations that share information and combine their responses in cyberspace. For them, cyber is not a competitive issue as they do not know which organization is going to be hit next. In this instance we have seen the potential for a whole sector to behave together to rapidly get up to speed in cyber establishing a national, then international, and then sectored cybersecurity culture.
We can replicate this in the space sector and a good start would be for organizations to start sharing data on satellite attacks to raise the level of awareness around the problem. Publicly, we see a few events, but we are certain that there are more. We then need to share methodologies much better. What must be done is for the sector to install much better awareness and education of cyber all the way down the immensely complex and far reaching space supply chain. So, the end effect must be for people, managers, designers and so on, to be thinking about the cyber aspects of their product or their service. But who can lead this culture transformation?
Regulated approaches involving the machinery of government or the machinery of international agreements are generally too slow for the ever-increasing pace of cyberspace development, with its attendant threats. In cyberspace, you do not have the critical element of time. Governments and international bodies are designed to create law and agreements and frameworks. This complex process of arbitration does not encumber our adversaries. Being so free of regulation they will always hold the upper hand. To have any sort of chance of success in countering the threat, you need to be able to march at the same speed as your opposing forces. And so this points to non-regulated approaches to cyber security, not only in the space sector, but elsewhere too.
VIA SATELLITE: Do you think space-based assets are particularly vulnerable? How do you view the cyber threat to the space industry?
Livingstone: If you look at the threat spectrum, you firstly have nation states and especially some pariah states. Cyber is great for David versus Goliath type power imbalances because investments in cyber, for example, do not have to be the same as investment in inter-continental ballistic missiles. Cyber is a cheap form of offence.
At nation-state level you can think of a few that would love to demonstrate that you could bring down or neutralize multi-billion dollar satellites and maybe reduce military and intelligence footprints, just because that is how some states think. There are also organized criminal aspects where there are financial pay-offs to the bad guys; satellites could be taken hostage for example. Terrorism is also a threat. You also have your individual hacker who just wants to create mischief and hack into a system simply because it shows technical prowess. And then you can get all kinds of mixtures in the threat spectrum: organized criminal groups acting as proxies for national. You have movement of skills up and down the threat spectrum depending on how you recruit capability, and the dark web is a fertile ground for this skills marketplace. It is a very complex picture and the motives for all the groups can change. The space sector has to be prepared against all of these.
There is also a cost-balance equation to consider. In this era of space commoditization, satellites are getting cheaper and cheaper, and smaller and smaller, and the costs of access to space are going down. You have to make a risk-based decision on how much you invest in cyber-hardening a satellite asset. For example, if you are going to launch a cubesat to experiment with say an Android mobile phone to see if it will work in space, it will cost about 200,000 pounds (around $250,000) for that satellite to launch and commission. On top of this project cost you then have to consider spending another 200,000 pounds to cyber-harden your Android phone or the datalink system that is going to support the experiment? The answer may well be that the cyber element becomes disproportionate and the whole venture becomes too expensive. So, cyber gets set aside, and the cyber risk is accepted.
A big company, such as a communications provider, will probably spend what it takes to cyber-harden its extremely expensive asset that has a long service life in orbit. But, what about the smaller size vehicles that are becoming more numerous and whose owners are competing on cost, a vital consideration in this third era of commoditization of services. What risk do they assess that they can carry and how much are they going to spend on cyber? That becomes a very, very difficult question.
What are the questions running through the minds of the program executives, particularly the CFO community? “I think I am going to get away with it” or “I have to be absolutely certain.” That is going to be a really interesting question for a number of space vehicles as we come into the era of the commoditization of space. The answers to the questions around risk can only be based on knowledge, which, we think at Chatham House, remains in scant supply.
VIA SATELLITE: How do you expect the cyber threat to evolve over the next two or three years? What can enterprises do to protect themselves against these threats?
Livingstone: One of the things that we found in our research is that throughout the supply chain there seems to be a lack of awareness that cyber needs to be thought about seriously. We think this is because there is insufficient disclosure on cyber events, which thus leads to complacency. Despite cyber becoming a more recognized issue, we still found flaws in thinking even with the large satellite providers — with their approach particularly toward uplinks and downlinks and whether, for example, they are encrypted or not. If satellites are moving around the Earth at 12,000 miles an hour, accessing numbers of ground stations in each orbit, encryption can become difficult.
We also unearthed a lack of awareness about the assurance of the supply chain all the way down to your integrated circuit chip, which you are going to be putting into a board, and then be inserted into a server, which is then going to be bolted into a satellite. In a vehicle that will be up in space for 15 years, it seems very much laissez-faire. If you look at the space supply chain from top to bottom, even on a national scale, there is not even a cybersecurity culture that reflects the responsibility that the supply chain has for maintaining proper assured and protected services that support our national infrastructure; so our banking, our telecoms, our emergency services. There is quite a lot of catching up to do.
VIA SATELLITE: Given the unique coverage of satellites, do you see them as being a particular target for hackers? Does it present unique challenges when looking to counter the threat?
Livingstone: Every satellite will have a unique vulnerability. If you look at EO satellites, it is about the confidence in the data. They orbit the world, so there are a lot of potential interception points where the hacker could gain access. All the ground stations need security, whether personal and/or cybersecurity to prevent unauthorized interference.
It is a little bit easier where you have a geostationary satellite sitting out on the equator with a smaller number of ground stations. The problem there is that the prize is so much bigger. If you take over a $500 million satellite, there is potentially a huge impact there and very sophisticated threats might want to get into that satellite. The variety of threats and variety of motivations for these threats make this a very difficult problem.
VIA SATELLITE: What trends do you see happening in the cybersecurity market going forward? How will the market evolve and change?
Livingstone: Things can freewheel along, and a few organizations like Chatham House and other organizations, could wave a flag for something to be started. If you really want to get things going, unfortunately you need a bit of a disaster. You need a big and expensive satellite to be impacted.
So, if you were to have a satellite de-orbited by a hacker, that would at least become very newsworthy, and could feasibly be a huge disaster regarding safety of life at an impact zone. Then, there would be a public reaction that would cause an awful lot of money to be spent, as well as a more public approbation of the industry with a public demanding why was this not foreseen. It takes this sort of thing to crystalize action.
But one of the things that Chatham House is recommending is that there should be an international alliance of organizations that wish to mitigate the threat in space-cyber. At the moment, it seems that people are just shuffling an awful lot of paper around, and saying it is all looking terribly dangerous, but nothing is actually happening. But, as we have established at Chatham House, as a phenomenon, space and cyber is a societal-level vulnerability which may well come back to bite us.