Russia’s invasion of Ukraine shattered many predictions made a year ago. Few could have foreseen the profound impact the conflict would have on space security.
As 2022 began, experts warned us to be ready for a publicly disclosed cyberattack on a space system. While there are no confirmed reports of threat actors hacking a spacecraft, last year was full of attempts to disrupt space-based infrastructure.
The catalyst for targeting satellite systems was Russia’s full-scale invasion of Ukraine that kickstarted the largest armed conflict in Europe in almost eight decades. Fittingly, the first salvos of 21st-century war targeted satellite communications.
Attack on Viasat’s KA-SAT
On the first hours of February 24, right before Russian tanks broke through the Russo-Ukrainian border, Viasat, an American satellite broadband services provider, noticed high volumes of malicious traffic emanating from customer modems.
The cyberattack bricked thousands of modems in Ukraine and other European countries, leaving users relying on Viasat’s KA-SAT satellite network for communications, such as the Ukrainian military, blind.
Weeks later, American, British, and European intelligence services confirmed the Kremlin was responsible for the attack. The acknowledgment marked one of the first instances of a nation-state targeting commercial satellite service to advance its military goals.
The attack also impacted organizations in Germany and France. For example, a satellite outage knocked out thousands of wind turbines operated by Germany’s Enercon. According to the minutes of a closed-door meeting, Russia’s cyberattack impacted critical emergency services in France.
The invasion spurred the global hacktivist community to rally behind Ukraine. Anonymous, Ukraine’s IT Army, Hacker Forces, and many other hacktivist groups started targeting Russia’s private and state-owned enterprises.
The first instances of attempts to attack Russia’s satellite infrastructure came to light in the first week of the war. NB65 hacker group said they breached Roscosmos, Russia’s space agency, impacting the country’s vehicle monitoring system.
Even though Roscosmos’ then-chief Dmitry Rogozin dismissed NB95’s claims, he added that hacking a Russian satellite would constitute a reason for war. However, hacktivists invited colleagues to target the Russian satellite-based navigation system, GLONASS.
Early in October, a pro-Ukrainian hacker group OneFist alleged they breached Russia’s Low Earth Orbit (LEO) satellite communications network Gonets (“Messenger”), deleting a database crucial to its functioning.
“The entire aerospace industry needs an actual waking-up moment to realize that they also live in the real world and understand that hackers are interested in space.”Ang Cui explained to Cybernews.
Elon Musk’s Starlink has become a significant ace up Ukraine’s sleeve in the first months of the war. SpaceX’s satellite constellation of over 2,000 satellites in LEO provided essential internet connection for people in locations where cell towers can’t.
Many Starlink terminals were delivered to Ukraine after the country’s Vice Prime Minister Mykhailo Fedorov expressed concerns that Russia’s aggression may disrupt the country’s Internet connection.
Russia soon noticed that Ukrainian forces in the then-besieged city of Mariupol and other cities were using Starlink for communications and artillery targeting. In March, Musk said they had “resisted all hacking and jamming attempts,” shifting the attention to focusing on countermeasures.
Later in the year, after facing backlash over decreased resolve to support Ukraine, SpaceX owner said that his company was losing “$20m/month due to unpaid service & costs related to enhanced security measures for cyberwar defense.“ So far, however, no confirmed breach of Starlink has taken place.
Commercial satellites have been used to track the movement of Russian forces, provide evidence that Russian troops killed civilians, and supply communication services for the Ukrainian military. Experts feared that such usage could turn commercial space players into legitimate military targets,
Chinese researchers were among the first to add credibility to expert anxiety, saying that Beijing needs to develop means to disable or destroy SpaceX’s satellites if they threaten national security. Since the Starlink constellation comprises thousands of spacecraft, the difficulty of neutralizing it likely alerted Beijing.
In the last quarter of 2022, a group of Russian scientists published a paper ominously titled “Starlink’s Critical Vulnerability, or Elon Musk is Not Worrying in Vain.” Researchers explored ways to compromise the constellation going as far as to warn people living near SpaceX ground stations that they “are dangerous sites that risk potential military attack.”
However, it’s hard to imagine a scenario where a kinetic attack against a ground station or a satellite constellation by a nation-state actor would not be perceived as a potential act of war.
While countries shooting down satellites isn’t a likely outcome, cyberattacks are. Hard-to-attribute and often reversible damage allow nation-states to distance themselves or put the blame on unaffiliated hackers.
However, satellite cybersecurity remains weak. The head of the US Space Force’s Space Operations Command (SpOC), Lieutenant General (LTG) Stephen N. Whiting, went as far as to call space cybersecurity a “soft underbelly” of global space networks.
While some turn to companies like SpaceX for guidance, experts we’ve talked to explained that the space industry’s problems are much more profound than software vulnerabilities.
“The entire aerospace industry needs an actual waking-up moment to realize that they also live in the real world and understand that hackers are interested in space. I don’t think the industry is quite there yet,” Ang Cui, cybersecurity expert and founder of the cybersecurity firm Red Balloon, explained to Cybernews.
More from Cybernews:
Subscribe to our newsletter