Why does the U.S. want 'white hats' hacking satellites

Space is the final frontier for cybersecurity. With the number of satellites increasing every day, threat actors will soon note the thousands of valuable computers waiting to get hacked. 

The world went mad after the Soviets put the first artificial satellite, Sputnik-1, into orbit. The event made headlines all over the globe. Spooked by the prospect of a technologically superior USSR, decision-makers in the West kickstarted the space race.

In contrast, satellite launches barely make the news these days. With the increasing use of tiny cubesats, various nations on average send three satellites into orbit every single day. According to the U.N. Office for Outer Space Affairs, 1,272 satellites entered orbit last year. Even though it's only September, more satellites went up in space already, with 1,385 artificial moons launched in 2021.

The concept of satellite hacking is discussed frequently in deep and darknet communities. There is a real threat,

Darknet analyst at DarkOwl.

"You have a lot more civilian launches, a lot more companies that are starting to build space vehicles and put things in space. It's becoming a very crowded environment," U.S. Space Force Capt. Elijah Williams, a program manager at Space Systems Command, told CyberNews.

Whereas Sputnik 1 had no real impact on daily human activities, the complex network of modern satellites does. Everything from financial systems, mobile and internet services to GPS relies on smooth sailing satellites. 

"We see this as a place that needs to come together as one. Whether that's the military and the research community to find out how we can better secure this space domain and make sure everybody's playing fairly and safely at the same time," Capt. Williams explained. 

Earthly woes

Escaping Earth's gravity does not make one immune to its problems. Satellites are nothing more than space computers. And as anyone with at least mild interest in world news knows, there are many problems with the digital world.

Namely, a seemingly uncontrollable tsunami of ransomware attacks plaguing businesses all over the world. With thousands of SpaceX, OneWeb, Kuiper, and Lightspeed satellites scheduled for launch in the coming years, it's only a matter of time till a cyber cartel aims higher.

Three CubeSats are seen moments after being outside of the International Space Station's Kibo laboratory module. Image by NASA.

After all, hacking a satellite is not as difficult as it sounds. For example, James Pavur, an Oxford Ph.D. student focusing on satellite systems security, has proven that it's possible to intercept satellite communications using $300 worth of T.V. equipment.

Fortunately for satellite operators, Pavur is a security researcher, using his skills to point out security vulnerabilities. Not all are high-minded, though. According to a lead analyst who asked his/hers name not to be revealed due to sensitive work at a darknet data provider DarkOwl, threat actors are also interested in artificial moons.

"The concept of satellite hacking is discussed frequently in deep and darknet communities. There is a real threat, and I imagine the U.S. government is concerned about possible impact to GPS and critical internet/telecommunications-related satellites in lower orbit," the analyst told CyberNews in an email. 

High-end simulation

The newly formed U.S. Space Force, in tandem with the U.S. Air Force, tries to engage hackers before they do it themselves. For that very reason, a second Hack-a-Sat (HAS2) event takes place this year, encouraging teams of cybersecurity researchers to break into a ground satellite, called a flat sat.

Earlier this August, ten teams qualified to go to the HAS2 finals in December. All teams received a $10,000 prize and will compete for a $50,000 first-place award in the finals. During the finals, the team will have to try to attack opponents' satellites and defend their own gear at the same time.

With the democratization of space, we need to make sure that these new companies that formed and are going to form care about security,

Stephen Colenzo.

According to Stephen Colenzo, a technology transfer lead for the Air Force Research Laboratory, the event is designed to get the best of the two worlds. Being a skilled hacker is not enough since teams need to be apt in understanding the space domain.

"Those things are necessarily not thought of initially unless you're in the space world," he explained.

Teams need to be aware of how Earth's gravity works and how that impacts satellite communication, and the peculiarities of the software a satellite employs. Making the exercise feel more authentic, organizers gave the teams a flat sat, a ground-based replica of an actual satellite.

In the final event, HAS2 contenders will have flat sat's simulating a space environment using the same software NASA engineers use to test the agency's satellites before launch. From a software point of view, it will be as close as possible to hacking into a device orbiting our planet.

According to Colenzo, the Air Force aims to provide the 2023 Hack-a-Sat participants with an in-orbit device to try to hack.

NASA and National Reconnaissance Office (NRO)-sponsored CubeSats. Image by NASA.

'White hats' in space

For a decade, the space domain was shrouded in secrecy, with most of the space-faring nations keeping everything space-related under the 'top secret' tab. Secrecy does not mean security, though. According to Captain Williams, it's high time to bridge the gap between the cyber community and space.

"We need to make sure that the space domain is as safe as possible. To accomplish that, we need to find unknown research areas to be explored via the results we get out of Hack-a-Sat competitions. It's very important," Capt. Williams explained.

There are good reasons to keep as safe as possible. Enter: the Kessler syndrome. A hypothesis, named after NASA's scientist Donald J. Kessler, suggests that orbital collisions between satellites would cause a chain effect with every new impact increasing the likelihood of even more crashes.

In the worst-case scenario, the Kessler syndrome would render lower Earth orbit unusable for several generations. Even though extremely unlikely, a cyber gang could hold the whole planet for ransom in exchange for orbital safety. 

We need to make sure that the space domain is as safe as possible. To accomplish that, we need to find unknown research areas to be explored via the results we get out of Hack-a-Sat competitions,

Capt. Elijah Williams.

According to Stel Valavanis, founder and CEO of cybersecurity firm onShore Security, satellite hacking is not some farfetched sci-fi scenario but a proven fact. A fact that carries dangerous implications given civilian and military infrastructure is heavily based on satellite use. 

"White Hat hacking and bug bounty type programs are a way to crowd-source vulnerability discovery. There's little reason not to employ this tactic since it's completely safe in a controlled setting, so I certainly applaud it," Valavanis told CyberNews.

Security in mind

Events like HAS2 allow for spreading awareness of the potential dangers that unsecured satellites might lead to. After all, if a team of 'white hat' hackers can take over a satellite, there's no reason to think capable threat actors could not do the same.

"With the democratization of space, we need to make sure that these new companies that formed and are going to form care about security because we and other countries are going to be consumers of these products in the future," Colenzo told CyberNews.

He cautioned that there's no reason to expect that threat actors will not change their tactics with advancing technology, aiming at targets whizzing high above our heads. Hack-a-Sat events could become grounds to develop an understanding within the industry that a security researcher should thoroughly test any satellite before going to space.

ISS-53 Kestrel Eye IIM satellite deployment. Image by NASA.

With multi-billion-dollar businesses heavily invested in conquering the space domain, our planet is bound to be wrapped in a network of unearthly infrastructure. More devices in space mean a larger attack surface. 

The worst part is that threat actors with time and means for a sophisticated attack are interested in compromising satellite infrastructure, says Aaron Cornelius, a senior security researcher and Jennifer Tisdale, principal of cyber-physical systems security programs, from a cybersecurity company GRIMM.

"Training opportunities such as Hack-a-Sat are very helpful for increasing the skill and knowledge of researchers who may be of great help to companies needing to defend against attackers and to harden satellite controls against potential attacks," Trisdale and Cornelius wrote in an email to CyberNews.

More from CyberNews:

Hybrid work is here to stay, but security concerns are high

Here’s how to secure your company against ransomware attacks, according to CISA

Your favourite streaming service isn’t as safe as you’d think

Access Now: governments vilify and persecute information security researchers

How Solarpunk and its radical optimism is changing the world

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked