Satellites and other space communications technology are at significant risk from hackers and cyber attacks, a major new report has claimed.
Communications, air transport, maritime, financial and business services, as well as weather monitoring and defence systems, all face serious disruption if satellites and space infrastructure are targeted, researchers at Chatham House’s International Security Department have said.
“The last thing you want is military or cyber attacks on satellites – even if you just switch them off they are essentially space debris which can cause more problems,” Patricia Lewis, research director at the think tank, tells WIRED.
Lewis, who will be speaking at WIRED Security, says the space infrastructure hacks they discovered are just the “tip of the iceberg”.
“A large part of the critical infrastructure is sitting up there and not a lot can be done about it – it’s very old technology and it has never had any cyber protection built in,” she says. “So the big question there is how much can they be retrofitted and what happens going forward.”
The report – Space, the Final Frontier for Cybersecurity? – says cyber vulnerabilities in satellites and other communications technology “pose serious risks for ground-based critical infrastructure”.
“Possible cyber threats against space-based systems include state-to-state and military actions; well-resourced organised criminal elements seeking financial gain; terrorist groups wishing to promote their causes, even up to the catastrophic level of cascading satellite collisions; and individual hackers who want to fanfare their skills.”
Threats listed in the report include jamming and spoofing hacks on satellites to take control of them or their “mission packages”.
State-sponsored hackers can pose a realistic threat to space systems. Hacking groups working on behalf of governments have grown in prominence in recent years. State-sponsored groups have been linked to the 2014 Sony hack (although this has been questioned). And the recent hacks on the Democratic National Committee in the US have been linked to Russia.
Chris Porter, from FireEye’s intelligence team, tells WIRED it is monitoring around 30 known groups linked to state-level hacking attempts. He says that, quite often, successful attacks do not involve the most technically sophisticated methods.
“Something that might surprise people is that even the most sophisticated and advanced groups, the ones that are sponsored by large intelligence agencies, mostly get in through spear phishing and convincing users to give up their legitimate credentials.”
While Lewis’ report does not single out any nations, it said some countries are trying to protect their own satellites by organising red and blue teams to find any potential vulnerabilities. “There’s a lot of testing going on and some of that testing is hostile and some of it is more experimental,” she says.
China has already started to boost the protections on its satellites. In August the country sent the “world’s first” quantum satellite into orbit. Billed as “unhackable,” the experimental satellite will be used to test quantum computing technologies and communicate across large distances.
The satellite will attempt to send secure messages between Beijing and Urumqi, the regional capital of Xinjiang in the country’s far west, using photons to send the encryption keys necessary to decode information.
Lewis says such examples show that protection of infrastructure is a growing issue. “This infrastructure, which accounts for trillions of data transactions every day, involving communications, precise navigation and timing, Earth observation,” and more, could be under threat.
While not in space, GCHQ has said it could build a national firewall to protect the UK from cyber attacks.
Mark Robert Anderson, a security researcher from Edge Hill University, said the proposed system could technically be possible – but would come with key vulnerabilities. “Any hackers would only need access to a server inside the UK to create a Virtual Private Network (VPN) and any attack could be tunnelled into the UK and be launched from inside the firewall,” he told WIRED.