In January of 2023, U.S. Defense Secretary Lloyd Austin and Secretary of State Antony Blinken hosted Japanese Foreign Minister Hayashi Yoshimasa and Defense Minister Hamada Yasukazu for the 2023 U.S.- Japan Security Consultative Committee.
The allied foreign and defense ministers announced that military retaliation in response to attacks on Japanese satellites will be considered under the Japan-US Security Treaty.
The inclusion of space in this decades-old treaty signals a shift in focus, codifying the defense of space assets at the diplomatic level. To defend space assets successfully, our definition of “attack” must expand beyond the kinetic.
During the Russia-Ukraine conflict, satellites became a central target for adversarial cyber operations, according to defenders.
U.S. Space Force Chief of Space Operations, General Chance Saltzman, labeled space and cyber as “inextricably linked.” He described their attractiveness as a target for adversaries on the battlefield: “right out of the gate, we saw both sides attacking satellite operations to degrade command and control.” In his words, satellites are “important to how a force fights in the modern environment.”
As global tensions rise amid the China-Taiwan conflict, the Department of Defense (DoD) must rigorously vet and defend cyber risks to satellites.
Vice Chief of Space Operations at U.S. Space Force, General David Thompson, said China is developing and fielding a wide range of technology such as jammers and lasers that could harm America’s satellites. Such attacks would have catastrophic impacts on civilian and defense infrastructure, economy, and safety.
A New Era For Defense
In December of 2022, the DoD Chief Information Office (CIO) released the Enterprise Satellite Communications (SATCOM) Management and Control (ESC-MC) Implementation Plan to support of the Department’s Digital Modernization Strategy and the United States Space Force Vision for Satellite Communications (see the sidebar for the complete USSF paper).
This cross-Department effort, involving U.S. Space Command, U.S. Space Force, DoD CIO, and the Defense Information Systems Agency (DISA) enables offices to manage SATCOM as a holistic capability and enable joint interoperability.
A key element of the Plan involves establishing governance and standards among SATCOM networks. Space poses an acute cybersecurity challenge as satellites are inherently interconnected and can hold sensitive data or even key intelligence. Should an adversary compromise a satellite, their ability to gain and exfiltrate such data is high. As such, the standards in development must include defining reasonable security measures. This would include stipulations to share threat information and develop a common cybersecurity architecture — not just for us, but also our allies and partners who share the space domain. Such standards should be considered basic cybersecurity hygiene measures that mitigate most common and effective cyberattacks.
The DoD can set the industry standard for addressing satellite cybersecurity as another dimension of critical infrastructure. As the current fiscal year moves forward, DoD will be well served to factor in these principles:
Consider the entire satellite asset. Traditional satellite systems were not designed with security in mind. Weak encryption and legacy systems cannot be easily patched or updated. Cognizant of the threats, providers of newer generation satellites are undoubtedly working to fortify cybersecurity in new spacecraft. Even so, the traditional information technology (IT)-centric approach to security does not include protecting the operational technology (OT) layers that satellites rely on. That makes satellites more vulnerable to hacking, since their OT components share data over the same networks as IT components use. DoD should factor both IT and OT requirements into any forthcoming security standards.
Learn from IT security evolution. Leaning on decades of hard lessons learned in securing terrestrial IT networks will help achieve space asset security. That includes basics like defining best practices to assess what assets are in place, and enabling observability into their operational performance to help detect anomalies that can indicate attacks. Satellite vendors can harden the code running on space systems and use the principle of least privilege for accessing them. These same lessons have been successfully applied to transportation OT systems.
Require a whole-of-industry approach. Aligning with the 2022 National Defense Strategy, the Space Systems Command (SSC) Commercial Services Office (CSCO) is seeking industry input that will be used to inform requirements for a pilot program for new satellite cybersecurity guidance.
The program is known as the Infrastructure Assurance Pre-Approval (IA-Pre) initiative. A key goal for IA-Pre is streamlining risk assessments for COMSATCOM vendors while applying a cybersecurity-first approach. The initiative requires building strong industry relationships; however, in the same spirit as the pending Cybersecurity Maturity Model Certification (CMMC) requirement for members of the defense supply chain, the plan should assure that those vendors adhere to common standards that will assure cyber resilience for all.
The transition of space to a battle frontier is happening quickly and mandates disruptive change to fortify the technology on the frontlines of cyberattack. New and thorough standards must be developed with expediency, working in realistic industry partnership while setting a non-negotiable bar.
As the number of satellites in orbit and dependence on them for civilian and military uses increase, securing them must be a top national priority.
Egon Rinderer
With 30 years of federal and private sector industry experience, Egon Rinderer serves as Shift5’s Chief Technology Officer with a focus on growing a world class field engineering team to drive rapid growth across federal and commercial sectors. A U.S. Navy veteran to the tech startup world, Egon was formerly with Tanium as Global VP of Technology and President of Tanium Federal, having joined Tanium when it numbered fewer than 20 employees. Prior to Tanium, Egon served with the U.S. military and throughout the intelligence community in the United States and abroad in an operational capacity.
Shift5 is the onboard data company that provides dual use technology to defend military weapons systems against operational technology (OT) cybersecurity risks and ensure mission readiness and cyber survivability. Shift5’s innovative technology enables military systems to deter adversaries, protect warfighters, and maintain their competitive edge.