Cyber concerns linger for USSF

The US Space Force (USSF) remains the subject of chatter, curiosity and not a little concern as it approaches its first birthday in December.

The space service branch of the US armed forces is tasked with executing an array of complex missions but some observers worry that cybersecurity is not being accorded the importance it deserves.

Military and commercial satellites are of vital importance for US homeland defence and critical infrastructure protection. It is therefore essential to protect the digital data streams that link manufacturing, supply chains, launches, ground control stations, navigation and communications tools, orbital operations and guidance systems.

Recent history underscores the cyber vulnerabilities facing US space systems. For instance, NASA was hacked in 2018 by interlopers that the space agency’s Inspector General called an ‘advanced persistent threat’ (a term generally used to describe a nation state).

Speaking to Shephard, space cybersecurity analyst Dr Gregory Falco touched on key pieces of the cyber challenge facing the USSF. He called for security to be elevated to a higher place in the agenda, ‘to make space assets critical infrastructure’.

Falco added: ‘I think this would totally change the game from a perception standpoint, but also make security a front-and-centre issue in the space community.’

Falco wrote a paper called ‘Job One for Space Force: Space Asset Cybersecurity’ for the RAND Corporation in 2018, in which he warned of potentially ominous consequences unless protection of satellites and their supporting infrastructure is not improved.

‘Job One’ may have been a wake-up call for the Trump Administration, which launched the Space Force Information Sharing and Analysis Center (ISAC) soon afterwards. It also directly addressed cyber security for space systems in Space Policy Directive-5 (SPD-5), published in September 2020.

ISAC ‘has a long way to go, but is working in earnest to advance the space community in terms of cyber security’, Falco noted. ‘Designated teams are being built out for space mission systems; it is being acknowledged that “the [Information Technology] guys” aren’t the right ones to be securing mission assets.’

As for SPD-5, he stressed: ‘The greatest buy-in by those that mattered was demonstrated with its creation.’

Falco claimed that the codification in SPD-5 of cybersecurity principles for space systems was particularly important, as ‘a firm nod to how these issues must be taken seriously’. 

Even so, the USSF should arguably pay more attention to the range of threats and techniques employed by near-peer adversaries and other hostile actors. Falco mentioned jamming, signal/cyber misdirection, and bugs in foreign-sourced hardware and software as examples of attack vectors.

The US has a considerable (albeit classified) arsenal of cyber defence and counter-attack tools at its disposal but Falco noted scope for improvement. Most satellites have various ‘system health indicators’ and monitors, he said. ‘This needs to start including security health monitors, specifically on ‘edge’ devices... Right now is a good time.’