As the importance of satellite communications grows, so does the importance of protecting satellite systems from threats ranging from hackers to solar weather, experts said at this month's RSA conference.
For example, last weekend's solar storm was more than just a minor phenomenon; it was also a major disruption and a reminder of how dependent society is on reliable satellite connectivity. Solar flares have been a serious problem for farmers who rely on accurate GPS readings to guide their tractors. 404 Media report. Unable to trust the system, many were forced to stop planting at critical times of the season.
Manan Dalal, CIO Satellite Assistant at the National Environmental Satellite Data and Information Service (NESDIS), said at the RSA conference that solar flares are becoming “more and more common” as daily life becomes ever more dependent on space-based technologies. It's becoming a problem.”
Satellite failures can affect everything from making global phone calls to predicting daily weather to predicting where hurricanes will make landfall, Dalal said. Said. 2023 solar flares Radios are experiencing outages around the world, and one New York village is already making continuity plans in the event a future event like a massive solar flare causes a month-long internet outage.
And space weather isn't the only threat. Nation states are increasingly interested in targeting their own space systems and interfering with other countries' communications, which could impact military operations, said Mike Mieke, assistant secretary of defense for cyber policy at the Pentagon. Mr. Oyan says. Defense, in the same panel. One example is Russian hacking. Viasat satellite network serving Ukraine.
Given the risks, governments need to ensure they can issue early warnings before major solar events occur, Dalal said, and several panelists called for further steps to strengthen space cybersecurity. He said it was necessary to take steps.
Securing space systems requires protecting each of three layers of technology: the technology on the ground, the equipment in orbit, and the technology that provides the communications link between the two.
The ground side includes systems that process data and distribute information, Dalal said. But Oyang points out that these are also the systems most vulnerable to hackers. This makes it especially important to ensure that strong authentication methods are in place, that technology is secure by design, and that other important cybersecurity principles are adhered to.
Meanwhile, communications between in-orbit equipment and ground systems must be encrypted and protected from attacks such as jamming and spoofing, Oyang said. Said.
Equipment in orbit is also threatened by external conditions.Making this technology safer could mean establishing international norms prohibiting anyone from carrying out activities that cause debris in space, Oyang said. Said.
One challenge, however, is that significant technological advances are likely to occur during the 10 to 15 years the satellite remains in orbit, making obsolescence a serious problem, Dalal said.
“Once you launch a satellite into orbit, it becomes operational. You can't send someone there to fix a problem,” Dalal said. “…We need to build systems that are even a little more responsive to these changes in technology. As a recent example, what happens when we are in a post-quantum world? Good. [for] Our encryption system is in space, so we can't go there and start manipulating it. ”
When it comes to space cybersecurity, governments cannot do it alone.
Since much of the space technology is procured from vendors, government and industry need to communicate closely. Oyang said businesses should share details of the threats they are seeing, and governments should share actionable information. The Space Information Sharing and Analysis Center (Space ISAC) is an effort to share space threat intelligence across the public and private sectors.
Tahara Dawkins, chief of staff at the U.S. National Space Council, said during a panel discussion that U.S. policymakers have not yet set consistent baseline cybersecurity requirements, leaving companies with no choice but to come up with their own various interpretations. He said no.
But Dawkins said a federal interagency committee is currently working to develop minimum cybersecurity requirements for “federally procured national security civilian space systems” that are expected to be completed this summer. We are also developing an implementation plan detailing concrete steps to implement the space systems cybersecurity principles outlined in Space Policy Directive-5.
