Space Cyber Security for National Security Space Systems and Low Earth Orbit Constellations - International Defense Security & Technology
Our modern way of life depends greatly on space assets. These assets are mostly either unprotected or have minimal protection against cyber-attack. For example, in the Iridium satellite network, which was built in the 1980s, messages are sent in plaintext format using the GSM standard, whose specification is completely public. Today, components such as the software-defined radio that the Chaos hackers used to eavesdrop on Iridium’s unencrypted messages can be bought off the shelf.
Military strategic and tactical missile systems rely on satellites and the space infrastructure for navigation and targeting, command and control, operational monitoring and other functions. However, insufficient attention has been paid to the increasing vulnerability of space-based assets, ground stations, and associated command and control systems.
Vulnerabilities abound even in highly sensitive systems, such as civilian and military satellite constellations that are used for communications, navigation, time synchronization for distributed systems (think “power grid”), weather forecasting, and deterrence weapon systems.
For example, many military constellations rely on encrypted transmissions from the ground-control segment to the spacecraft, but have no further defenses, such as least permissions, intrusion detection, and mitigation, should an attacker manage to circumvent the encryption.
Meanwhile, malicious cyber activity is constantly evolving, and cyberattackers are becoming ever more imaginative. From compromising the software in ground systems and stealing sensitive data, to jamming satellite signals, hacking in-orbit satellites and using spy satellites, their techniques are becoming more and more innovative and can have significant consequences for civil and military users:
In 2022, we saw that cyberattacks on satellites servicing one country could disrupt critical national infrastructure in another. In February 2022, just as the Russian invasion of Ukraine started, a large number of satellite modems in Ukraine and elsewhere in Europe were subject to a cyberattack and disabled, requiring global operator Viasat to do a hard-reset following which it could continue to deliver vital communication, including to Ukrainian refugees in neighboring Slovakia.
The conflict in Ukraine has nonetheless demonstrated that space has been and will continue to be extremely relevant at times of geopolitical conflict. As these trends are likely to continue, we will see new threat actors, targeting space systems to impact the critical services enabled by satellites.
Traditionally, space and terrestrial systems were largely isolated from each other, each serving a different set of users and requirements. This model has changed in recent years, as systems become more complex with greater interconnections between Earth-Space networks. Future generations of smartphones, for instance, may well have satellite messaging capabilities for emergency communication where there is no terrestrial connectivity.
Digital transformation has also resulted in the establishing of interfaces between systems and, more importantly, across traditional trust boundaries (partners, customers, etc.). The supply chain for hardware and software is dependent on multiple component parts, making it difficult to identify responsibility and liability for the ultimate security and resilience of the services supplied.
Furthermore, adoption of large satellite constellations is driving the number and complexity of ground control and service support infrastructures, thereby increasing the potential attack surface.
Cyberattacks on satellites could cause disruption to internet services, and loss of connectivity can disable remotely controlled systems (a wind farm was shut down in a recent attack). Loss of positioning signals can disrupt air transport, road traffic and shipping, but can also affect the synchronization signal needed for banking transactions and other operations relying on very low-latency networks. Interference with satellite imagery services can compromise military intelligence and invalidate scientific studies by altering their source data. Cyberattacks can undermine the integrity of strategic weapons systems, destabilize deterrence relationships and obfuscate the originator of the attack without creating the debris problem that a physical attack would cause.
“Because cyber technologies are within the grasp of most states (no matter how small or impoverished) and non-state actors, they level the strategic field and create hitherto unparalleled opportunities for small belligerent governments or terrorist groups to instigate high impact attacks,” the Office of the President of the United States stated in their 2011 International Strategy for Cyberspace.
As NISTIR draft 8270 eloquently points out, “Space is an emerging commercial critical infrastructure sector that is no longer the domain of only national government authorities. Space is an inherently risky environment in which to operate, so cybersecurity risks involving commercial space – including those affecting commercial satellite vehicles – need to be understood and managed alongside other types of risks to ensure safe and successful operations.”
Attack Vectors and Vulnerabilities of Space Assets
Space assets depend on the integrated working of the space segment and the ground segment. When the space segment consists of multiple satellites working together for a common purpose, such as with the Tracking Data Relay Satellites (TDRS), they are collectively referred to as a constellation. The ground segment is a set of geographically distributed stations with powerful satellite communications (SATCOM) equipment that can send command and control telemetry to satellites and receive telemetry data from the satellite’s systems and instruments.
The types of attack to which satellites are vulnerable fall into two primary categories: physical attacks and computer-system attacks, writes Ryan Hutchins in Cyber Defense of Space Assets. Physical attacks are those directed against either the satellite’s physical bus or its transmitted signals. The vectors for physical attacks vary greatly: transmitting signals that mimic a satellite’s or ground control station’s signals but contain false information, or “spoofing,” is a physical attack, as is jamming. But physical attacks also include anything from anti-satellite missiles to a “spray-paint attack,” wherein one satellite gets close enough to another satellite to spray paint its optics, rendering them blind.
Computer system attacks, on the other hand, are attacks that affect the computing systems present on a satellite. The ultimate goal in these attacks is unauthorized access to the satellite’s instruments, bus, and data. Common vectors for these attacks are the introduction of malware into hardware in the supply chain, and compromise of the ground units that communicate with satellites, including the ground control stations of, for example, the Air Force Satellite Control Network and NASA, or field-deployed SATCOM radios. These ground systems have many of the same software vulnerabilities that plague other computer systems.
The most prominent potential ingress for a cyber-attack against such a system is the ground-control station. A hacker that compromised the station could take complete control of a spacecraft by sending messages prior to encryption.
Broken user credentials are likely to allow a malevolent actor to establish an advanced persistent threat in a satellite network. An advanced persistent threat (APT) is a stealthy set of hacking processes that continuously affect a system over time. APTs are most often used to exfiltrate vital information from a business or government target over a long period of time.
The vulnerabilities responsible for enabling these threats are divided into three categories: software vulnerabilities, hardware vulnerabilities, and insider threats. Insider threats are threats caused by individuals who have been granted trusted access to the internal network.
The most important software vulnerabilities afflicting military space systems are the same as common vulnerabilities elsewhere; in particular, backdoors, hardcoded passwords, remote code execution (RCE), insecure protocols, spoofing, hijacking, SQL injection, insecure authentication, and file upload flaws are of primary concern.
Finally, there is the threat that the hardware used to construct these systems could be used to deliver a hardware attack. This vector has recently been the focus of cyber security news because of its use in Mirai botnets. Chinese manufacturer XiongMai Technologies’ line of IoT products has hardcoded default passwords in its firmware. The Mirai malware logs into these firmware backdoors to take control of these devices and incorporate them into massive botnets that can deliver devastating DDoS attacks.
The attacker could also leave behind an advanced persistent threat, to make strategic use of compromised satellites at later times. The threat of this attack vector is reified by the numerous successful cyber-attacks directed against NASA.
Cyber Security Initiatives
Discussions between the World Economic Forum’s Global Future Councils on Cybersecurity and Space, held in April 2022, suggest that governments, alongside those who operate, use, and profit from space-dependent technologies, should identify critical space-enabled services and should prioritize ensuring their end-to-end cyber resilience.
The Cybersecurity and Infrastructure Security Agency (CISA) announced the formation of a Space Systems Critical Infrastructure Working Group. The group is composed of government and industry members and operates under the Critical Infrastructure Partnership Advisory Council (CIPAC) framework, bringing together space system critical infrastructure stakeholders.
According to CISA, “the working group will serve as an important mechanism to improve the security and resilience of commercial space systems. It will identify and offer solutions to areas that need improvement in both the government and private sectors and will develop recommendations to effectively manage risk to space based assets and critical functions.”
DARPA and DoD are interested in moving toward satisfying DoD space missions with large constellations of inexpensive satellites in low earth orbit (LEO). This distributed approach provides both redundancy and resiliency, as well as other benefits.
However, the success of national security missions that use space systems depends on fully integrating cybersecurity into the planning, development, design, launch, sustained operation, and decommissioning of those space systems used to collect, generate, process, store, display, transmit, or receive National Security Information (NSI), as well as any supporting or related infrastructure.
Cyber security technology
The three steps that space asset stakeholders must take to successfully defend their resources, writes Ryan Hutchins in Cyber Defense of Space Assets, are:
(1) to establish an agile, global regime that can provide training, intelligence, and knowledge sharing between stakeholders;
(2) to perform code analysis and penetration tests to expose known vulnerabilities in existing infrastructure that can be shored up by relatively simple means. Once complete, this will ensure space asset safety against a wide range of basic attacks that would currently succeed. This will force adversaries to expend massive amounts of time and resources in an attempt to find successful exploits.
(3) Aided by the established global regime, stakeholders must undertake research efforts into defense-in-depth design that enable them to anticipate vulnerabilities and exploits so that they may seize the initiative from attackers and design protocols, software, and spacecraft buses that are hardened against cyber-attack.
In an article in Homeland Security Today titled Protecting Space-Based Assets from Cyber Threats, Paul Ferrillo, Esq., and Chuck Brooks write: “In our article, we set forth below a non-exclusive list of security elements for defending space-based assets and satellites, along with ground-based control flight networks. We have adapted these from “Defending Spacecraft in the Cyber Domain” and government sources.”
1. Security by design – not security as an afterthought – built into every satellite from the ground up.
2. Identity and access management (“IAM”) – those accessing flight control information and surfaces need to be identified and verified by an IAM solution that will pass muster on the user using machine learning identifiers to attempt to prevent authorized access to critical vehicle functions.
3. Multi check for IoT related devices – IoT devices must be able to be updated; no hard-coded passwords should be allowed.
4. The backbone of a cyber-resilient spacecraft should be a robust intrusion detection system (IDS). The IDS should consist of continuous monitoring of telemetry, command sequences, command receiver status, shared bus traffic, and flight software configuration and operating states, and should anticipate and adapt to mitigate evolving malicious behavior. The spacecraft IPS and the ground should retain the ability to return critical systems on the spacecraft to a known cyber-safe mode. Logging should also be available to cross-check for anomalous behavior.
5. It is critical that spacecraft developers implement a supply chain risk management program. They must ensure that each of their vendors handles hardware and software appropriately and with an agreed-upon chain of custody. Critical units and subsystems should be identified and handled with different rigor and requirements than noncritical units and subsystems and should also be constructed with security in mind. All software on the spacecraft should be thoroughly vetted and properly handled through the configuration management and secure software development processes (DevSecOps).
6. Both the spacecraft and ground should independently perform command logging and anomaly detection of command sequences for cross validation. Commands received may be stored and sent to the ground through telemetry and automatically checked to verify consistency between commands sent and commands received.
7. Protections should be made against communications jamming and spoofing, such as signal strength monitoring and secured transmitters and receivers; links should be encrypted to provide additional security.
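The cross-check described in item 6 above, as an added example that is not from the article or its sources: it compares the ground's log of commands sent with the command log the spacecraft echoes back in telemetry. The record layout (sequence number, opcode, argument bytes), the finding names and both sample logs are assumptions constructed for illustration.

```python
import hashlib
from collections import Counter

# Constructed sample logs: (sequence number, opcode, argument bytes).
GROUND_SENT = [
    (101, "SET_MODE", b"NOMINAL"),
    (102, "POINT", b"az=10,el=45"),
    (103, "DOWNLINK", b"bank=2"),
    (104, "SET_MODE", b"SAFE"),
]
SPACECRAFT_RECEIVED = [
    (101, "SET_MODE", b"NOMINAL"),
    (102, "POINT", b"az=190,el=45"),   # arguments differ from what was sent
    (102, "POINT", b"az=190,el=45"),   # same sequence number seen twice
    (104, "SET_MODE", b"SAFE"),
    (250, "FW_UPLOAD", b"slot=1"),     # never issued by the ground
]


def digest(opcode, args):
    """Fingerprint a command so logs can be compared without full payloads."""
    return hashlib.sha256(opcode.encode() + b"\x00" + args).hexdigest()


def cross_validate(ground_sent, spacecraft_received):
    """Return (finding, seq) tuples for every inconsistency between the logs.

    Findings:
      NOT_SENT_BY_GROUND  spacecraft executed a command the ground never sent
      CONTENT_MISMATCH    same sequence number, different opcode or arguments
      REPLAYED            a sequence number was accepted more than once
      NOT_RECEIVED        ground sent it, spacecraft never logged it
    """
    sent = {seq: digest(op, args) for seq, op, args in ground_sent}
    seen = Counter()
    findings = []
    for seq, op, args in spacecraft_received:
        seen[seq] += 1
        if seen[seq] > 1:
            findings.append(("REPLAYED", seq))
        elif seq not in sent:
            findings.append(("NOT_SENT_BY_GROUND", seq))
        elif sent[seq] != digest(op, args):
            findings.append(("CONTENT_MISMATCH", seq))
    for seq in sent:
        if seq not in seen:
            findings.append(("NOT_RECEIVED", seq))
    # Order by sequence number so an analyst reads the timeline top to bottom.
    return sorted(findings, key=lambda f: (f[1], f[0]))


if __name__ == "__main__":
    for finding, seq in cross_validate(GROUND_SENT, SPACECRAFT_RECEIVED):
        print(f"seq {seq}: {finding}")
```

A command that appears only in the spacecraft log is the case the article's earlier point about encryption-only defenses cares about most: it reached the vehicle without passing through the ground's own record.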
Security elements for defending ground-based systems and network assets include but are not limited to (also from the Homeland Security Today article):
1. Adoption of cybersecurity best practices, including those aligned with the NIST cybersecurity framework (“CSF”).
2. Key network components should be logically and physically separate to prevent virus-like (ransomware) attacks from spreading throughout the network.
3. All ground-based system and network assets should be required to have the following policies in place: incident response, business continuity and crisis communications plans, patching policies, BYOD policies and backup policies.
4. All ground-based space systems and facilities should be required to hold quarterly employee training for all individuals on things like spear-phishing and socially engineered email attacks.
5. All ground-based space systems and facilities should be required to adopt a fulsome vendor supply chain risk management program that touches all primary and tertiary vendors.
6. All ground-based space systems and facilities must adopt machine learning intrusion detection systems to help guard against anomalous and potential malicious activity.
7. All ground-based space systems, facilities, and space manufacturers and vendors should be required to join the Space ISAC to be able to collaborate by sharing threats, warnings, and incident information.
See Protecting Space-Based Assets from Cyber Threats – HS Today
Another technology that multiple companies are adopting is laser optical communications as the next evolution in satcom. SpaceX, Telesat and LeoSat are all incorporating laser technology in their Low Earth Orbit (LEO) constellations.
Laser beams are highly focused compared to RF, which spreads to many kilometers over the distance the waves travel to reach LEO orbit. Therefore laser communication signals cannot be detected unless you are within the narrow laser beam. According to LGS Innovations’ CEO Kevin Kelly, it’s “relatively straightforward” to layer bulk encryption over the data before it’s excited to the photonic level and transmitted down to Earth. One can also create custom waveforms that only the user will know how to decode.
DARPA’s Cyber and Encryption Security for National Security Space Systems and Low Earth Orbit Constellations
DARPA has launched a program on Cyber and Encryption Security for National Security Space Systems and Low Earth Orbit Constellations.
The Defense Advanced Research Projects Agency is seeking information on new technologies it can use to manage the sharing of missions across large constellations of inexpensive low-earth orbit satellites for the Defense Department. Advances in autonomy and machine learning are enabling the management of multiple vehicle systems that collaborate. DARPA is interested in leveraging these advances in order to demonstrate unique military utility.
DARPA is interested in leveraging advances in cybersecurity going beyond compliance with DoD instructions to ensure the security of the constellations of inexpensive low-earth orbit satellites for the Defense Department.
DARPA/TTO is seeking new technologies and concepts to derive appropriate system security requirements, architectures, and system designs from the inception of the design process through decommissioning. Areas of interest to secure include, but are not limited to:
- Information systems within the space segment collecting, generating, storing, processing, transmitting, or receiving NSI information
- NSA-approved cryptographies and cryptographic techniques, implementations, and associated security architectures,
- End-to-end encryption of all data (e.g. space platform bus and payload command echoes, telemetry, health and status, mission data, and communications relay) transmitted over any communications link
- Command initiated or automatically invoked unencrypted emergency backup links or cryptographic bypasses used to recover lost communications
- Pseudorandom bit streams to ensure cryptographically derived transmission security effects are not predictable by unauthorized personnel
- Accomplishing a secure mission shared across multiple satellites
- Autonomous detection and response to anomalous or malicious cyber events
- Securely networking among a large number of satellites in multiple orbital planes with multiple comms links, multiple ground stations, and/or multiple remote (tactical) users
- Secure on-orbit data cloud and autonomous management of dynamic, distributed data storage and processing functions across multiple satellites
- Operator interface designs for constellations allowing the flexible but secure command and control (C2) relationships.
- Scalable approaches for the above areas that enable data rates of 10Gb/sec.
References and Resources also include:
http://www.cs.tufts.edu/comp/116/archive/fall2016/rhutchins.pdf
https://www.marsplanet.org/cybersecurity-in-space/
International Defense Security & Technology (May 3, 2023) Space Cyber Security for National Security Space Systems and Low Earth Orbit Constellations. Retrieved from https://idstch.com/space/space-cyber-security-for-national-security-space-systems-and-low-earth-orbit-constellations/.