GovCon Expert Chuck Brooks, president of Brooks Consulting International and adjunct professor at Georgetown University, has written an article for Forbes that lays out imperatives for tightening cybersecurity measures in satellite activity.
In the February 27-published piece, “The Urgent Need to Cyber-Secure Space Assets,” Brooks compiles various incursions on U.S. data and satellite systems that have already occurred, as well as discusses the need for space to be considered as viable a domain for protection as any other.
Space is not considered a U.S. critical infrastructure in the federal legislature, a list which currently comprises 16 different enterprises. But Brooks argues that it should be the 17th critical infrastructure and is a booster of a proposal that has been introduced to the House of Representatives called the Space Infrastructure Act.
Brooks also cites Edward Swallow, senior vice president and chief financial officer at The Aerospace Corporation and Samuel S. Visner, MITRE fellow, who claim that there should be “an interagency, federal risk management structure with responsibility for space systems security and resilience” in place to safeguard space-bound resources.
Such programs have already started to crop up, such as the Cybersecurity and Infrastructure Security Agency’s Space Systems Critical Infrastructure Working Group. The coalition is made up of both government officials and industry leaders.
Brooks attests that satellite and space security is of budding importance because “our reliance on space, and especially satellites, for communications, security, intelligence, and commerce has exponentially grown with digital transformation.”
He also references the increasing number of satellites currently in low Earth orbit, which amounts to almost 5,000 and which are also expanding in their source and purpose, with more satellites than ever being launched for commercial interests rather than just those of national governments.
In the article, Brooks cites a Homeland Security Today piece that he co-authored with Paul Ferillo where the two explicate some “security elements for defending space-based assets and satellites, along with ground-based control flight networks.”
These potential measures include identity and access management, multi-check log-in processes for Internet-of-Things devices and implementation of a supply chain risk management program for all vendors and software users who come into contact with the satellite systems.
Per his and Ferillo’s article, Brooks says, “The backbone of a cyber-resilient spacecraft should be a robust intrusion detection system (IDS). The IDS should consist of continuous monitoring of telemetry, command sequences, command receiver status, shared bus traffic and flight software configuration.”
Such measures are crucial, according to Brooks and his research, to protect from ransomware threats, economic attacks from U.S. adversaries as well as hackers looking to hijack the satellites for their own purposes.
Possible methodologies of attack might be electronic warfare such as jamming or spoofing, microwave weapons or laser dazzling, in addition to the previously stated and more insidious cyber invasions.
“Space is an emerging and critical cybersecurity frontier that we are becoming increasingly dependent on for both our commerce and security. It needs the attention of the national security establishment and…There is an urgency to move forward in a rapid, ambitious, and focused path,” Brooks concludes.
