By Kevin Kelly, CEO and Chairman, Arcfield

As the role of satellite communication systems in geopolitical conflicts and critical infrastructure sectors continues to expand, concern regarding the security of satellite communications (SATCOM) systems is growing. These concerns are valid, as evidenced by the February 2022 cyberattack against satellite company Viasat, which the European Union dubbed one of the most significant hacks of space equipment to date.

There’s no doubt that space is one of the fastest growing sectors, for federal and commercial markets alike. According to the United Nations Office for Outer Space Affairs, there are more than 16,700 satellites orbiting Earth, with 2,748 launched just last year. Additionally, Euroconsult estimates that an average of 1,700 satellites will be launched per year by 2030. Starlink’s mega-constellation had over 5,000 satellites launched earlier this year and is projected to have as many as 42,000 total satellites when fully deployed.

Amid the rapid growth of the space domain, the U.S. Space Force is developing a next-generation, resilient SATCOM system known as the Protected Anti-Jam Tactical Satellite Communications (PATS) family of systems. For the program to be successful, it must address numerous challenges to promote increased bandwidth, cybersecurity, resilience, and interoperability among the U.S. and its international partners.

Why SATCOM cybersecurity is critical

Satellite operations are built on memory, compute and communications infrastructures. These systems rely on microelectronics and circuitry and are increasingly connected to the internet. As a result, both in-orbit satellites and their ground operations may contain network vulnerabilities that bad actors can exploit.

If a malicious actor successfully deployed a phishing or ransomware attack to gain control of a network of terrestrial-based stations that are communicating commands to a satellite constellation, the attackers could issue commands to alter a satellite’s telemetry, control, memory and content. From there, the attackers could use their own wireless uplink to mimic command and control signals to targeted satellites completely taking over a target satellite.

With satellites now responsible for critical functions such as military communications, national defense systems, missile launch detection, aircraft navigation services and much more, such an attack could have seismic consequences. It’s imperative that the U.S. government continue to invest in a system such as PATS and prioritize international cooperation with our allies to improve global SATCOM security.

Bolstering satellite and ground system cybersecurity postures

Comprehensive SATCOM security requires diligence and dedication to ensure systems are kept up to date; however, this investment is well worth it to avoid the potentially severe outcome of a cyberattack.

Legacy systems are a primary hurdle that engineers and IT professionals must overcome when striving to secure satellite constellations and ground systems. Many satellites that were engineered decades ago are still in-orbit and being used today, however, the notion of a cyberattack against a satellite was considered impossible when those systems were developed and launched. Therefore, few safeguards were put in place to defend against cyberattacks.

While the ability to push upgrades via software is inherent to each spacecraft’s operating system, it is important to realize that comprehensive security is more than just a piece of software and should include an architecture that involves authentication layers and encryption. Even the ground control data link to the satellite can potentially be compromised with the limited encryption used in legacy SATCOM systems.

However, the ability to provide a software upgrade and add layers of security to the legacy satellite itself is often limited when the satellite utilizes a first or second-generation microprocessor, whereas modern, advanced cybersecurity software systems require a fifth or sixth generation processor. As such, it’s imperative to invest in and protect the numerous servers and command controls on the ground. To defend the ground base network and provide a more sophisticated level of security, it’s critical to ensure the entire architecture has the authentication, encryption and different layers of protection necessary to deter and defend against bad actors. With each of those security layers receiving updates against emerging threats.

For new satellite constellations, protection begins in the architecture and engineering phase. Irrespective of cost, it’s imperative to build security inside all the different subsystems within the satellite—doing so initially is much more efficient than attempting to retroactively patch vulnerabilities.

As mentioned earlier, adequate defense requires multiple layers of protection. These layers include a range of encryption and monitoring systems which can detect nefarious activity. It’s also important to prioritize architectural resiliency. If a system is compromised, the first step is to take it offline. Engineers should also consider implementing multiple safe/recovery modes that allow the compromised satellite to be recovered from an attack and re-initialized.

Another defense tactic is to create a cost imposing strategy for adversaries. By making the defense systems exceedingly difficult and expensive to penetrate, the target becomes less attractive and therefore less likely to be attacked.

All hands on deck — the role of legislation, regulation and cooperation

In addition to technical enhancements, securing our space infrastructure and maintaining a strong foothold in the domain will require international cooperation, as well as domestic legislative and regulatory updates.

As such, the September 2023 release of NIST’s Cybersecurity Framework Profile for Hybrid Satellite Networks (HSN) is well timed. This framework provides guidance for improving infrastructure security, hardening security for assets, data and systems, and reducing the risks to HSNs, which is an aggregation of independently owned and operated terminals, antennas, satellites, payloads, or other components that comprise a satellite system.

In addition to NIST’s guidance, legislation is now being proposed to have space added to the list of critical infrastructures. The Space Infrastructure Act would direct the Department of Homeland Security secretary to designate space systems, services and technology as a sector of critical infrastructure.

It’s evident now more than ever, that the U.S. federal government has a large role to play in helping to shape and secure the future of the space domain by hardening our SATCOM defenses, strengthening collaboration with international allies, and implementing necessary security guidance and legislation.

Given the exponentially increasing role of SATCOM in both the commercial and military landscapes, public and private sector collaboration will be integral to satellite cybersecurity initiatives. Luckily, some of the best minds in the nation are dedicated to these efforts. With continued, comprehensive, and committed work, the U.S. and its allies can reap the many benefits that SATCOM has to offer without compromising on security.

About the Author

Securing Space Infrastructure for US And Allied CollaborationAs chairman and chief executive officer (CEO) of Arcfield, Kevin Kelly oversees the development and implementation of the company’s strategy while ensuring the company delivers technology-differentiated solutions to missions that are critical in protecting the United States and its allies. As CEO, Kevin is responsible for establishing a corporate culture, building and managing an expert leadership team, launching an innovation incubator that will ensure the company is developing solutions ahead of mission needs, and the overall growth of the company.

Kevin has been an active leader in the defense and intelligence industry for more than 30 years with proven success leading and managing companies through growth activities. He is passionate about innovation and ensuring that a company leverages its people, processes and technologies to its maximum potential to deliver for its customers.

Prior to Arcfield, Kevin was the CEO of LGS Innovations, a privately held independent technology company that was eventually acquired by CACI International in March of 2019. After its acquisition, Kevin oversaw the company’s integration into CACI through the company’s creation of a new high-tech sector (National Security and Innovation Solutions Sector), where Kevin would ultimately serve as president. In this role, Kevin oversaw the operations of a $2B business consisting of the technology and products portions of several key acquisitions; namely LGS Innovations, SIX3 Systems, TICOM Geomatics, and L3 NSS.

Prior to his appointment as CEO at LGS Innovations, Kevin served as the company’s chief operating officer and senior vice president of strategy. Earlier in his career, he held senior positions within General Dynamics and Lockheed Martin.

Kevin holds a bachelor’s degree in electrical engineering from Penn State University and a master’s degree in engineering management from George Washington University (GWU). He has held board and advisory positions with the LGS Innovations board of directors, Innovative Technologies Council of the Intelligence and National Security Alliance (INSA), Armed Forces Communications and Electronics Association (AFCEA), Institute of Electrical and Electronics Engineers (IEEE), the National Advisory Council for the GW School of Engineering and Applied Science (SEAS), and several other firms. Kevin is also a proud member of the Engineering Hall of Fame at GWU SEAS.

Kevin can be reached online at https://www.linkedin.com/in/kevin-l-kelly/ and at our company website https://www.arcfield.com/

Source: www.cyberdefensemagazine.com