A space war will be fought in front of a computer screen
Instead of a Hollywood-worthy spectacle, a military attack on orbital infrastructure would be fought with a barrage of ones and zeros.
No major military conflict has involved attacks on space assets so far. However, Russia's recent war in Ukraine has put a bullseye on satellites that provide the victim nation with a competitive edge against a larger aggressor.
Even before Russian troops crossed the Ukrainian border, satellites provided Kyiv and the world community with indispensable intelligence. Using data from commercial satellites, open-source intelligence (OSINT) researchers warned that Russians had amassed a massive army next to the border with Ukraine.
Once the conflict began, a mix of government and commercial space assets allowed Ukrainians to effectively navigate their military drones against the invading army. Later, the same capabilities helped to prove that Russia had committed war crimes in the town of Bucha, 15 miles north of the country's capital.
Given the advantages space assets provide, it'd be hardly a surprise if the Kremlin decided on applying counter space capabilities against Western military and commercial satellite infrastructure.
"Russia is more of an actor that I feel is unknown, and maybe more of a concern about being boxed into a corner. You're not a hundred percent certain what it is that they will do," Maj. Gen. Leah G. Lauderback, the Director of Intelligence, Surveillance and Reconnaissance, Headquarters US Space Force, said last month.
While 'space war' can allude to a laser-fueled dogfight, the reality is less flashy. A recent paper from the US Defence Intelligence Agency (DIA) points to a variety of counterspace measures nations can employ against each other.
Put in two broad categories, these range from reversible threats to nonreversible threats. Major powers such as the US, Russia, and China all have the capability to act within the nonreversible measures spectrum. For example, last November, Russia carried out a direct-ascent anti-satellite (ASAT) missile test against its satellite, demonstrating its capability to smash a satellite into thousands of pieces.
Due to a large amount of left-over debris, ASAT measures endanger the whole Lower Earth Orbit (LEO), potentially denying access to a specific path in orbit for decades to come. That's why attacks like these fall within the 'irreversible' spectrum.
Nuclear detonation, physical attack on ground sites, and co-orbital counterspace measures are also considered irreversible since their effects destroy some segments of the orbital infrastructure.
"Crucially, they [satellites] were not engineered in a hostile environment like the internet or another evolution technology that's taken place over the last decade"-Chris Rouland, CEO of Phosphorus Cybersecurity
While destroying an enemy's satellite infrastructure is the most straightforward way to deny an adversary a certain space-based capability, it's also the least likely. Not only is it almost impossible to hide attribution of such an attack, but it would also constitute a clear act of war.
Last year, NATO members hinted that an attack on an alliance members' space assets might lead to the invocation of Article 5. In the context of Russia's war in Ukraine, that would mean a Russian ASAT attack on a French satellite would cause the whole alliance to go to war.
"Capabilities like direct ascent anti-satellite (ASAT) weapon or co-orbital are the types of irreversible attacks. The destruction is there. There's no plausible deniability since everyone can see a missile being launched," Victoria Samson, the Washington Office Director for Secure World Foundation, told Cybernews.
According to Samson, reversible counterspace measures, for example, electronic warfare and cyberattacks, are much more lucrative for threat actors who don't want to drag themselves into a full-scale global war.
Don't look up
The space domain entered the war in Ukraine on the first day of the conflict. As it was later revealed, Russia targeted the US satellite communications provider Viasat on 24 February, the day Moscow's troops poured into Ukraine.
While the attack targeted ground-based systems, namely routers used by Viasat's KA-SAT network customers, the general idea behind the intrusion was to deny access to a space-based system.
According to Ang Cui, cybersecurity expert and founder of the Red Balloon Security, a cybersecurity firm for defending embedded systems, the infrastructure behind satellites is often a lot more vulnerable than the orbital infrastructure.
"When people talk about satellite security, they tend to immediately think about the little cube in Lower Earth Orbit. Almost no one wants to remember that in order to use those shiny little metal things, you have to have big old infrastructure on the ground," Cui told Cybernews.
An average ground station is a 20-year-old installation, Cui explained, with system-running code that was likely written in the mid-90s. Interestingly enough, while new satellites are equipped with modern technology, they need to maintain backward compatibility to match the systems on the ground.
Cui's team looked into the global satellite infrastructure and determined that the most obvious path for an attacker to take is to target ground systems since, security-wise, they're behind the current standards by decades.
"Think back to your average software developer back at that time. They're not thinking about security. The most obvious gap within our global satellite communication infrastructure is very much all of the things that control the ground station. And you can pivot off to the satellite from there," Cui said.
While a cyberattack on a ground-based control system might be the obvious choice from an attacker's point of view, that doesn't mean satellites are immune to hackers.
Some of the most critical orbital infrastructure, like the Global Position System (GPS), which we often take for granted, operate using a small number of satellites that are difficult to replace.
15 out of 29 operational GPS satellites were launched before 2012, with the oldest satellite on duty whizzing around our planet since 1997.
Chris Rouland, CEO of Phosphorus Cybersecurity and IBM's former CTO, thinks the age is a problem since satellites are nothing but flying devices with small, low-power computers.
"This is now a huge challenge as the cyberspace race is on to retrofit – as best as possible – aging satellites that are vulnerable to hackers from adversarial nation-states, such as Russia, who possess immense cyberattack capabilities."-Charles Denyer, a cybersecurity and national security expert
"Crucially, they [satellites] were not engineered in a hostile environment like the internet or another evolution technology that's taken place over the last decade," Rouland told Cybernews.
For example, the price of software-defined radio (SDR) systems dropped dramatically over the last decade, allowing enthusiasts to use computers instead of expensive hardware to communicate via radio waves, the main communications channels of older satellites.
Charles Denyer, a cybersecurity and national security expert, agrees that many satellites currently in orbit were never built with modern cybersecurity measures in mind.
"This is now a huge challenge as the cyberspace race is on to retrofit – as best as possible – aging satellites that are vulnerable to hackers from adversarial nation-states, such as Russia, who possess immense cyberattack capabilities," Denyer told CyberNews.
On the lookout
With a rapidly growing commercial satellite fleet and increasing reliance on space-based services, the protection of space capabilities is ever more important.
Glimmers of hope can appear even during trying times. The US recently announced Washington would unilaterally withhold from ASAT missile testing, a first among the spacefaring nations.
Cybersafety, however, remains an open question. Unlike commercial satellite projects, such as Elon Musk's thousands-strong Starlink constellation, GPS and other communications systems rely on fewer orbital devices.
Losing one out of thousands is immeasurably more damaging than losing a single device out of a dozen. Whether it's a financially motivated ransomware attack or aggression by a state-sponsored actor, all sides should be aware of the risks involved.
"Deterrence through strength of our offensive cyber capabilities is what's needed now – and in the future – for keeping our assets in orbit safe and secure," Denyer thinks.
More from Cybernews:
Subscribe to our newsletter