Celestial cybersecurity: Satellite operators can no longer ignore cyber risks when designing new satellites or support systems, delegates to the first European event dedicated to satellite cybersecurity heard last week.
The Cysat ’21 conference brought together ethical hackers and security researchers with space start-ups and decision-makers from the space industry.
End of an era
James Pavur, a security researcher and Oxford University PhD student who has done extensive research into satellite broadband security risks, told The Daily Swig that the era when satellite systems were beyond the reach of hackers is coming to an end.
“Satellite systems used to be made up of expensive kit, about which there was not much info, that were highly customised and bespoke,” Pavur explained.
Despite the glamorous allure of getting into satellite systems, malicious hackers were effectively dissuaded from chancing their arm by “security through obscurity” – something the space industry can no longer count on after borrowing standardized hardware and software development practices from IoT and enterprise systems, according to Pavur.
Security incidents involving satellite systems have historically involved breaking into Windows computers in ground stations (“the weakest link”, said Pavur) but now more thought is being put into radio frequency exploits.
This is a concern for the future because some in the space industry still transmit telemetry protocols with no cryptographic protections.
“We’re better at understanding how to secure ground computers than how to secure satellites,” according to Pavur.
Ignacio Chechile, CTO at space start-up ReOrbit, backed up Pavur’s assessment that immature cybersecurity practices were common in the space industry by referring to one unnamed operator that used Telnet to communicate with a satellite over an unencrypted CCSDS link.
This is an area of potential exposure because a hobbyist can now, for just a few hundred euros, buy hardware that would allow them to track a satellite. An accessible physical layer plus vulnerabilities and no patching is a recipe for potential trouble, Chechile warned.
Other speakers at Cysat urged the adoption of an onion-like approach featuring multiple layers of protection, compartmentalization, and redundancy as a defence against potential attack.
Work along these lines has already been undertaken in segments of the space industry, where best practices and solutions for securing satellite communications are been developed.
One of the most promising initiatives in the arena is the US Air Force’s satellite hacking challenge, Hack-a-Sat, which took place virtually as part of last year’s DEF CON.
Xavier Hehrenberger and Aris Adamantiadis, two ethical hackers who took part in the competition, reaching its final round as part of the SolarWine team, spoke with enthusiasm about the event, which they hope will be repeated.
Also at Cysat, Eoin Carroll and Christiaan Beek, researchers from McAfee who mapped out the space threat landscape in a pair of blog posts (here and here) last year, explained how lessons from terrestrial security systems can be applied to secure space-based systems.
No air gap
While sending a system into space might seem like a way to create the ultimate air gap, real-world attacks have still taken place.
In 2008, for instance, the Johnson Space Centre was infected with malware which was used to disrupt the uplink to the International Space Station. More recently, the Turla threat group hijacked a DVB-S satellite link in 2015, and last year Vesser Precision, an aerospace supplier, was hit by the DoppelPaymer ransomware.
In addition, Beck referred to examples where satellite telemetry data was left on open databases, and the possibility that attackers could scrape keys or other credentials software developers working on space systems had left on GitHub.
Security researchers such as Pavur have carried out work that shows other potential areas of exposure, such as the hacking of SATCOM terminals and GPS spoofing attacks.
“Developers need to incorporate security into their design,” Pavur told The Daily Swig. “It’s a time of exciting change but the next three to four years will shape how the space technology sector develops.”
Space engineers have historically focused on building reliable satellites. With easier access to space and the surge in start-ups collecting critical data and delivering valuable services, space assets have become an attractive target for criminal hackers and nation-state spies.
The organisers of Cysat estimate that, currently, 5,774 satellites are in orbit, with more than 1,000 new satellites due to launch annually in the next decade – faster than older satellites are taken out of commission.
“Now is the time to build a European ecosystem able to respond to the current and future challenges of securing space assets, data, and services,” according to Cysat organizers.
Cysat ’21 was organized by AP-Swiss, the Ambassador Platform of the European Space Agency’s Applications programme in Switzerland, and CYSEC, a local cybersecurity firm. The event took place from March 15-17 in a hybrid format – online and in Davos, Switzerland.