Germany unveils plan to tackle cyberattacks on satellites
Vendors get checklist on what to do when crooks inevitably turn up in space
The German Federal Office for Information Security (BSI) has put out an IT baseline protection profile for space infrastructure amid concerns that attackers could turn their gaze skywards.
The document, published last week, is the result of a year of work by Airbus Defence and Space, the German Space Agency at the German Aerospace Center (DLR), and BSI, among others. It is focused on defining minimum requirements for cyber security for satellites and, a cynic might say, is a little late to the party considering how rapidly companies such as SpaceX are slinging spacecraft into orbit.
The guide categorizes the protection requirements of various satellite missions from "Normal" to "Very High" with the goal of covering as many missions as possible. It is also intended to cover information security from manufacture through to operation of satellites.
The "Normal" category correlates to damage that is limited and manageable. "High" is high-consequence damage that "can significantly limit the operation of the satellite system." As for "Very High," the attack could result in shutdown and "reach an existentially threatening, catastrophic extent for the operator or the manufacturer."
The detail is impressive, although the document is more a baseline of what requires attention (via a checklist) rather than a straightforward set of instructions. Phases of the satellite lifecycle includes design, testing, transport, commissioning operation, and finally decommissioning. Then there are the networks and applications used to support the spacecraft itself, right down the level of subnet or server room.
As satellites get smarter, their attack surface area increases. In addition, disrupting constellations and communications is arguably yet another front for conflicts. The European Space Agency (ESA) invited hackers to have a crack at its OPS-SAT spacecraft (in a controlled environment) earlier this year with a view to understanding and dealing with vulnerabilities.
- How do you sing 'We're jamming and we hope you like jamming, too' in Russian? Kremlin's sat-nav spoofing revealed
- Starlink's success in Ukraine amplifies interest in anti-satellite weapons
- Russia: The hole in the ISS Soyuz lifeboat – was it the crew wot dunnit?
- SpaceX: 5G expansion could kill US Starlink broadband
Cybersecurity in space is increasingly important. Just over a decade ago, a pair of US-maintained environmental monitoring satellites experienced "interference" and while anti-satellite weaponry can do untold damage, cyber warfare has continued to spread. After all, why aim a missile at a satellite if an atacker can bend it to their will?
Drilling through the drives after EOL?
As for the BSI document, it goes as far as considering what do with satellites past the end of their lifetime. The spacecraft might contain all manner of crypto secrets and will require monitoring if sent to a graveyard orbit.
"Even if all requirements are implemented," the document warns, "100 percent security cannot be achieved.
"Targeted attacks on the information technology of facilities of all kinds are increasing. Security gaps in the systems that have become known are being exploited more and more quickly. It is not always possible to rectify the problem in good time by means of appropriate updates."
Wise words, and equally applicable on the ground as in orbit. ®
- Advanced persistent threat
- Black Hat
- Bug Bounty
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Hubble Space Telescope
- Identity Theft
- James Webb Space Telescope
- Kenna Security
- Palo Alto Networks
- Remote Access Trojan
- RSA Conference
- Trusted Platform Module
- Zero trust