By: Craig Badrick on August 29th, 2018
Amid Talk of Space Force, America's Satellites Still Need Stronger Cybersecurity
The biggest threat to national security resides 26,000 miles from the U.S. mainland — distributed across the United States’ 658 active satellites.
The White House made headlines last month when it announced its intentions to establish a “Space Force” to work alongside the U.S. Air Force. While the moniker might evoke imagery better-suited to a Star Wars movie, national security and outer space are not in fact entirely unrelated.
The United States’ satellites present a very real security risk. Despite their extraterrestrial locality, these assets remain vulnerable to a number of threats. And as you might imagine, cyberattacks — rather than physical threats — pose the far more likely and far more perilous security risk.
The Space Cyberthreat
While any physical attack against a U.S. satellite would require resources beyond the means of most nations on earth, cyberattacks can be implemented cost-effectively, from a variety of access points, and by state and non-state actors alike. Their objectives can range from data exfiltration to denial of service — and even permanent loss.
The threat is already a very real one: the International Space Station (ISS) wasn’t internet-equipped until 2010, but it has faced a number of cyberattacks before and since then. In both 2009 and 2011, hackers managed to obtain and leak NASA’s ISS control codes, and in 2008, the station was infected by a gaming virus intended to collect personal information. On more than one occasion, NASA has lost “full functional control” of important systems due to targeted cyberattacks.
More frightening still, U.S. adversaries China, Russia, North Korea, and Iran all have histories of attacking American assets in the cyber domain. And it is thought that both China and Russia are currently working to develop the capabilities to perform satellite attacks. In 2007 and 2008, suspected Chinese hackers targeted satellites operated by NASA, and in 2015, a group of Russian hackers allegedly connected to Russian Intelligence hijacked unencrypted commercial satellite connections in order to steal data.
Even individuals acting alone can pose a threat to security in space: in 2014, a 25-year-old British citizen named Sean Caffrey hacked a Department of Defense satellite and stole the personal data of hundreds of Pentagon employees. Expert hackers come in all shapes and sizes, which is why keeping cyber assets secure is so difficult — and so vital.
Securing Assets On and Off the Ground
Separately from the White House’s Space Force directive, Congress’ recently-passed 2019 National Defense Authorization Act (NDAA) calls for greater measures to secure the U.S. satellite infrastructure. The sudden call to arms for increased cybersecurity in outer space is playing out in much the same way here on Planet Earth, where unsecured terrestrial networks pose security risks for both the nation and the enterprise (no, not the starship).
Most enterprises don’t have to worry about securing spacecraft, but end-to-end network security across widely distributed device networks remains a priority. With remote offices and increasingly mobile workforces using a multitude of devices, enterprise networks are really just terrestrial satellite networks of a sort.
As large companies embrace both the IoT and the BYOD movement, it has never been more important to ensure that no device is left unsecured. With nearly three decades of experience in enterprise network security solutions, Turn-key Technologies (TTI) has the expertise necessary to secure each and every device in your orbit.
TTI has helped companies of all sizes design, deploy, manage, and defend their enterprise networks from cybersecurity threats of all stripes and colors. Companies looking to defend against these threats would do well to consider partnering with a seasoned cybersecurity and networking expert like TTI.