The universe is getting smaller, and space cybersecurity is keeping up. On May 30, 2020, nearly a decade after the Space Shuttle program ended, people witnessed a first: a vehicle built as part of a public-private partnership (between SpaceX and NASA) took off into space. This development was transformational because it brought the world one step closer to commercial space travel. We now have proof of concept that space travel, once reserved for powerful nation-states, is something that can be achieved, albeit with a lot of assistance right now, by a commercial company.

How safe space travel may be for everyday people is yet to be seen, but it’s an exciting time because we can actually start talking space travel, space tourism and space mining.

But space travel is not cheap, and safety is not a joke. The risks that come with space travel mean you do not play games when it comes to redundant and backup options. When making these huge investments, you cannot afford to go bust or risk lives. That means as people make efforts to go more often and deeper into outer space, cybersecurity becomes a real issue that must be addressed.

Why? Well, think “E.T. phone home” as a start. If you want space travel safety, you have to be able to communicate.

Space and Cybersecurity

On Sept. 4, 2020, the White House issued the Memorandum on Space Policy Directive-5 — Cybersecurity Principles for Space Systems. Section 4, Principles is a worthwhile read for cybersecurity experts. Here is a brief overview of that section:

  • Space systems and their supporting infrastructure, including software, should be developed and operated using risk-based, cybersecurity-informed engineering.
  • Owners and operators should develop and implement cybersecurity plans for their space systems.
  • Protect against unwanted access to critical space vehicle functions.
  • Include physical protection measures designed to reduce the risks of a space vehicle’s command, control and telemetry receiver systems.
  • Protect against communications jamming and spoofing.
  • Protect ground systems, operational systems and data processing systems.
  • Adopt appropriate cybersecurity hygiene practices, physical security for automated information systems and intrusion detection methodologies for system elements.
  • Manage supply chain risks that affect the cybersecurity of space systems through tracking manufactured products.
  • Space system owners and operators should collaborate to promote the development of best practices.
  • Security measures should be designed to be effective while permitting space system owners and operators to manage risk tolerances and minimize undue burden. These must be consistent with specific mission requirements, United States national security and national critical functions, space vehicle size, mission duration, maneuverability and any applicable orbital regimes.

For any cybersecurity policy wonk, this is pretty much a dream-come-true list of security principles.  But, don’t we try to apply those same principles down here on planet Terra? Yes, we do. Emphasis on the word try.

Today’s World is Guided by Space Research

Unlike the internet, which is inherently vulnerable by design, there is an opportunity in space to build a uniquely secure means of communication that could not only reduce the dangers of research, but also could alter even land-based communications and way of life. For example, Space Policy Directive-5 gives us plenty of examples of how space research helps with homeland security. We rely on space systems for a lot of things we take for granted in our daily lives:

  • Global connections
  • Position, navigation and timing
  • Scientific research
  • Exploration
  • Weather tracking
  • National defense

The fact that the use of the NIST Cybersecurity Framework is now ‘baked in’ to space projects is a welcomed development. But, there is something more intriguing going on with Space Policy Directive-5 and all the Space Policy Directives. Security-by-design principles are a driving force in their creation.

Building Trustworthy Space Cybersecurity Systems

If you haven’t heard of security-by-design, think about it like this. In its crudest form, it means to break while you build so you can fix and strengthen the weak spots. If you do this correctly and go above and beyond, you not only strengthen your system, you also build antifragility into your system. Nassim Nicholas Taleb, who coined the term antifragile, says this means the project doesn’t merely withstand a shock, but improves because of it.

That’s the chance we have with space systems that we don’t have with the internet. In fact, the internet is the exact opposite of being antifragile because we keep building on its inherent risks, making it more complex and, in turn, more fragile.

Guidelines and Best Practices

If you’re looking for guidance on how to employ security-by-design principles, one of the best resources is NIST Special Publication 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems.

NIST SP 800-160 is great for future space communication system designs and for those who have the luxury to build their IT systems from scratch. It draws on a wide variety of standards and principles from the International Organization for Standardization (ISO), the International Electrotechnical Commission (IEC) and the Institute of Electrical and Electronics Engineers (IEEE).

“Infus[ing] systems security engineering methods, practices and techniques into those systems and software engineering activities,” NIST SP 800-160 allows you to better understand cybersecurity needs and plan for them well.

Security for Telecommunications Networks at the Speed of Light

Let’s take a look at a specific type of project that illustrates the way space cybersecurity professionals can apply to projects on Earth. Here on the ground, we’re getting all excited about 5G, as we should be. But something else exciting is happening when it comes to satellite security: quantum communications. Leaving aside for a moment that we are still early into quantum communications development, or more accurately, quantum key distribution (QKD), QKD in theory — at least in space — should be easier to achieve.

Let’s start with some background, without getting technical. QKD is great when it comes to encryption because a user can identify right away if a message has been tampered with. In theory, QKD is unbreakable, because subatomic particles (photons) act in a very peculiar way. Mess with those particles and the message is no longer secure.

That’s awesome, right? How come we don’t use QKD all the time?

The Problem with Quantum Keys

It’s just not practical. QKD data transfer over long distances and into today’s network is just not feasible on a mass scale. We’re talking distances of a few kilometers only in some cases. But when you add space and satellites into the equation, the metrics change a lot.

Why is that? Well, because of the nature of space and the nature of physics. Ground-based quantum signals suffer from something called rate of absorption. If we are to keep this simple and not go completely down the entanglement-based quantum cryptography rabbit hole, think of it like this: the photons can’t travel that far without becoming compromised in some form or another, which means you have to add repeaters along the way. And that’s not a great idea, at least with current-day systems. You’re going to need a whole bunch of repeaters, which could each be attacked.

So, why is this different when it comes to space cybersecurity?

That rate-of-absorption problem pretty much goes away, because the signals are traveling through empty space. Instead of having capabilities over a few kilometers only, suddenly you can have secure communications linked over a much greater distance, like say 1,000 kilometers.

In other words, when traveling through empty space, you don’t really need to worry about going through the different barriers you would find here on Earth. And, because of good ole’ physics, we are living in a completely different domain with a different set of rules. That’s what makes space projects so exciting. Our engineers will not be bound by the same rules of ground-based communications, meaning that we can employ the lessons learned down here up there, as well.

Why Securing Space Data Matters

Some of the reasons why we should be serious about space cybersecurity are obvious, such as keeping ground-based systems running and addressing national defense concerns. But to be more forward thinking, you need to be a bit more ambitious in your outlook. Space travel provides an entirely new domain to be scouted out. Just like the explorers of ancient and classical times, who traveled to find new worlds across the continents and oceans, we are entering the dawn of a new era.

Along with the thirst for knowledge that drove people out into the vast oceans or through rough terrain, there was something else that was driving them, too. Think for a moment about the Silk Road and other routes that unified Europe and Asia. The driving force behind them was trade and commerce, namely the spice trade between Europe, North Africa and Asia.

We open ourselves to an entirely new universe of possibilities if we can start exploring a territory we haven’t before. The possibilities are transformative. But if we are to take advantage of this new domain, we need to have a way to realize a return on investment. That’s why both land-based cybersecurity resilience and secure space-based communications matter.

Poor cybersecurity practices will sink the ship, both here on Earth and in space. Poor land-based cybersecurity will result in your standard issues: loss of intellectual property, disruption of operations and compromised devices. Meanwhile, poor space cybersecurity could result in multi-billion dollar losses in one shot because your vehicle is sent off course.

The Excitement of a New Era

We should be excited about this new chapter in space cybersecurity, travel and communications. There are so many lessons we can apply, whether they relate to redundancy, vulnerabilities, encryption or even artificial intelligence. The breakthroughs will not only bring space travel into a new era, but also will change how we send messages here.

We have the chance to build a secure system, correctly, using security-by-design principles. If we are successful, now, at the beginning, we will be able to invest our valuable resources more wisely in the future.

More from Intelligence & Analytics

Email campaigns leverage updated DBatLoader to deliver RATs, stealers

11 min read - IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. X-Force has observed nearly two dozen email campaigns since late June leveraging the updated DBatLoader loader to deliver payloads such as Remcos, Warzone, Formbook, and AgentTesla. DBatLoader malware has been used since 2020 by cybercriminals to install commodity malware remote access Trojans (RATs) and infostealers, primarily via malicious spam (malspam). DBatLoader…

New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware

8 min read - IBM X-Force uncovered a new phishing campaign likely conducted by Hive0117 delivering the fileless malware DarkWatchman, directed at individuals associated with major energy, finance, transport, and software security industries based in Russia, Kazakhstan, Latvia, and Estonia. DarkWatchman malware is capable of keylogging, collecting system information, and deploying secondary payloads. Imitating official correspondence from the Russian government in phishing emails aligns with previous Hive0117 campaigns delivering DarkWatchman malware, and shows a possible significant effort to induce a sense of urgency as…

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

Unmasking hypnotized AI: The hidden risks of large language models

11 min read - The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it's important we recognize that cybercriminals are seeking the same benefits. LLMs are a new type of attack surface poised to make certain types of attacks easier, more cost-effective, and even more persistent. In a bid to explore security risks posed by these innovations, we attempted to…