A recent incident involving a distributed denial-of-service (DDoS) attack resulted in the disabling of electronic door locks in a major lunar settlement, leaving dozens of people trapped indoors and others locked out in dangerously cold conditions. This attack, along with the commandeering of a swarm of aged CubeSats last year, highlights the potential risks associated with cyber threats in outer space.
While these specific incidents have not actually occurred, researchers at California Polytechnic State University (Cal Poly) have conducted a study funded by the US National Science Foundation (NSF) to explore the possibility of such attacks in the near future. The 95-page report, titled “Outer Space Cyberattacks,” delves into the various factors that could drive a new wave of cyber threats as nations and private entities vie for supremacy in outer space.
The study introduces a taxonomy for space cybersecurity known as ICARUS (Imagining Cyberattacks to Anticipate Risks Unique to Space). This matrix allows researchers to generate millions of hypothetical scenarios involving cyberattacks on space infrastructure, including satellites, space stations, and communication systems. Examples range from disrupting lunar door locks to contaminating food supplies in outer space encampments.
Lead author Patrick Lin emphasizes the importance of considering a wide range of potential threats in space security planning, pointing out that current discussions around cyber threats in space tend to be limited in scope. Most reported incidents have focused on satellite hacking or jamming, overlooking the myriad vulnerabilities that exist in emerging space technologies.
The report identifies several key factors that could increase the likelihood of space-related cyberattacks in the coming years. The rapid growth of space technologies, coupled with the complexity of these systems and the lack of cybersecurity measures, create fertile ground for malicious actors. The deployment of satellites without adequate cybersecurity protections, such as CubeSats, further exacerbates the risks.
Moreover, the study highlights the challenges posed by space debris and unclear legal frameworks, as well as the high profile and impact of potential cyberattacks on space assets. As the number of objects in space continues to rise, stakeholders must grapple with the vulnerabilities inherent in these technologies, many of which were not designed with cybersecurity in mind.
Lin underscores the need for greater awareness and collaboration among space cybersecurity professionals, policymakers, researchers from various disciplines, and the general public. By anticipating and addressing novel threats in outer space, stakeholders can better protect critical infrastructure and prevent potentially catastrophic cyber incidents.
In conclusion, the report serves as a wake-up call for the space industry to proactively address the emerging challenges of cyber threats in outer space. By leveraging the ICARUS taxonomy and engaging a multidisciplinary approach, researchers and policymakers can better prepare for the complex cybersecurity landscape of the future.