A cyber-attack occurs when an adversary gains access to a computer system and inserts malicious code. In the space domain, attacks like these can include hacking on-orbit satellites; infiltrating the ground-system computers that control and receive data from the satellites; compromising drones; or affecting other computer systems, which in turn can compromise everything from satellites to power grids and other infrastructure.
“One of the primary goals of a cyber-attack is for reconnaissance, whether that’s for cyber reconnaissance, to further map the system and networks with the goal of maximizing attack effects on the system or just to exfiltrate mission data for intelligence purposes,” said Brian Sessler, chief of Space Systems Command’s (SSC) S6 cyber security division.
In terms of destruction, most cyberattacks are not causing the computer system to explode or erupt into flames, Sessler said. It’s more of a functional kill - impacting the availability of the system or the servers and denying warfighters access to the crucial services it provides such as communications or indications and warning data from a satellite.
“Our space systems are force multipliers: there are second- and third-order effects if you take out one of our GPS satellites, for example,” Sessler said. “How many other weapons systems rely on precision navigation and timing data and services from that satellite constellation? The same can be said for our communications and sensor satellites that are providing critical indications and warning data. Our adversaries are going to want to affect their availability, which is going to affect the kill chain and our ability to execute the mission.”
But it’s not just protecting systems once they’re operational, Sessler explained. Cyberattack threats apply across all phases of the acquisition process and need to be addressed early. A lot of it comes down to making sure all personnel are trained and able to recognize phishing attempts, social engineering, and insider threats that could compromise a system early in the design and development process.
While the areas of vulnerability for a satellite might be different than for a terrestrial system, much of the protective measures are similar: a layered defense, monitoring for unusual traffic, encryption, and making sure only certain users are allowed to issue commands under various conditions.
“Cybersecurity is very tough because the adversary only needs a pin hole in the attack surface,” Sessler said. “We’re defending against the entire surface, all potential attack vectors, and the adversary only needs to find that one pin hole. Cybersecurity starts early in the life cycle, but at every step of the acquisition process, we need to stay vigilant.”
Comments
Post a Comment