Endpoint February 8, 2023
By Moez Kamel 3 min read

Working as a cybersecurity engineer for many years, and closely following the rapid evolution of the space ecosystem, I wholeheartedly believe that space systems today are targets of cyberattacks more than ever.

The purpose of this article is to give you a glimpse of cybersecurity threats and challenges facing the New Space economy and ecosystem, with a focus on smallsats in Low Earth Orbit (LEO), as well as some technologies to assess space cybersecurity risks.

The article series is divided into four parts: Introduction to New Space, Threats in the New Space, Secure the New Space, and finally New Space Future Development and Challenges.

Introduction

The Aerospace and Defense industry is a global industry composed of many companies that design, manufacture, and service commercial and military aircraft, ships, spacecraft, weapons systems, and related equipment.

The Aerospace and Defense industry is composed of different key segments: large defense prime contractors/system integrators, commercial aerospace prime contractors or system integrators, first-tier subcontractors, second-tier subcontractors, and finally third-tier and fourth-tier subcontractors.

The industry is facing enormous challenges that stem from the COVID-19 pandemic, concerns over sustainability, disruptions from new technologies, heightened regulatory forces, radically transforming ecosystems, and, above all, the cyber threats and attacks that are getting more and more worrisome.

The increase of space cyberattacks and cybersecurity risks is stemming from the evolution of the space ecosystem to the New Space Age.

In this first article of the series, we will focus on the New Space notion and the definition of space system architecture.

From Old Space to New Space

Earlier, the space industry was a nation-level domain — and not just any nation; the United States of America and the Union of Soviet Socialist Republics dominated the industry. Space was related to governments and defense departments, and the objectives were essentially political and strategic ones.

Now, there is more involvement in space globally than ever before in history. This new era, led by private space efforts, is known as “New Space Age” — a movement that views space not as a location or metaphor, but as well of resources, opportunities, and mysteries yet to be unlocked.

New Space is evolving rapidly with industry privatization and the birth of new ventures to achieve greater space accessibility for different parties.

Nevertheless, this development in technologies and the fast growth of New Space projects make the space attack surface larger and increase the threat risks in terms of cyberattacks.

Space and Satellite Systems

LEO and CubeSats

LEO is a circular orbit around the earth with an altitude of 2,000Km or less (1,200 miles).

Most LEO Space Vehicles (SV) are small satellites, also known as CubeSats or Smallsats.

A CubeSat is a small, low-cost satellite that can be developed and launched by colleges, high schools, and even individuals. The 1U (Unit) size of a CubeSat is (10cm x 10cm x 10cm) and weighs about 1Kg. A CubeSat can be used alone (1U) or in groups (up to 24 U).

CubeSats represent paradigm shifts in developing space missions in the New Space Age.

Nowadays, CubeSats, and all the other SV types, are facing different challenges: environmental challenges, operational challenges, and cybersecurity challenges.

Space System Design

Any space system is composed of three main segments: ground segment, space segment, and link segment. In addition, we have the user segment.

Space System Design (Source: Space Security Info)

Ground segment: The ground segment includes all the terrestrial elements of the space systems and allows the command, control, and management of the satellite itself and the data coming from the payload and transmitted to the users.

Space segment: The space segment includes the satellites, tracking, telemetry, command, control, monitoring, and related facilities and equipment used to support the satellite’s operations.

Link/communication segment: The link or communication segment is the data and signals exchanged between the ground and space segments.

User segment: The user segment includes user terminals and stations that can launch operations with the satellite in the form of signal transmissions and receptions.

Conclusion

The New Space age makes the space field more accessible to everyone on this planet. It’s about democratizing access to space.

This new age was characterized by the increase of Smallsats development and especially CubeSats in LEO. These types of satellites are part of the space architecture in addition to the ground, communication, and user segments. Nevertheless, is this space system design threatened by cyberattacks?

In the next article in the series, we will explore the answer to this question.

 | 
Moez Kamel
Technical Specialist, Threat Management, IBM Security

Moez Kamel is an IBM Security Technical Specialist in Threat Management, the Technical Ambassador of IBM RANDORI in France, and a Space Systems Cybersecurity...

More from Endpoint
Software Vulnerabilities   March 21, 2023

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

Endpoint   March 20, 2023

When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as that has been previously covered in the X-Force blog post. This blog will focus on highlighting the opportunities for detection of the FudModule within the…

Intelligence & Analytics   February 24, 2023

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space

View Part 1, Introduction to New Space, and Part 2, Cybersecurity Threats in New Space, in this series. As we see in the previous article of this series discussing the cybersecurity threats in the New Space, space technology is advancing at an unprecedented rate — with new technologies being launched into orbit at an increasingly rapid pace. The need to ensure the security and safety of these technologies has never been more pressing. So, let’s discover a range of measures…

Intelligence & Analytics   February 21, 2023

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature