Part 1 of 2 Parts
SpaceX became the operator of the biggest active satellite constellation in the world last month. As of the first of February, SpaceX had launched two hundred and forty-two communication satellites. They plan to launch forty-two thousand more communication satellites in the next ten years. The reason for launching these thousands of satellites is to create low or no cost Internet access for the whole world. Amazon, OneWeb and other companies are working hard to place their own thousands of communication satellites in Earth orbit.
It is hoped that all these new satellites will revolutionize many facets of everyday life. These include bringing Internet access to every corner of the globe, detailed monitoring of the environment across the entire globe, and the improvement of the systems used for global navigation. However laudable these motives are, there is a serious danger that has not been given sufficient attention. The U.S. and other nations have not developed critical cybersecurity standards and regulations for commercial satellites. Commercial satellite constellations are terribly vulnerable to cyberattacks because of this lack of standards, the complex supply chains that are needed by the private space industry and the many stockholders of the private companies.
There could be very serious consequences if hackers gain control of commercial satellites. The least serious problem is having hacking shut down satellites which would deprive users of the services supplied by the satellite. Hackers could also jam or alter signals being sent by satellites which could interfere with and damage critical infrastructure with catastrophic consequences. It is even conceivable that hackers could change the orbits of the satellites causing them to crash into other satellites or even the International Space Station.
Companies who construct satellites, especially small CubeSats, use commercially available off-the-shelf components in order to reduce costs. The fact that these components are widely available makes it easy for hackers to analyze such components for their built-in vulnerabilities. Added to that is the fact that many of these commercial satellite components are based on open-source technology. This means that hackers could corrupt the open-source code of the satellite’s software. They could install back doors and other vulnerabilities in the open source code which would then be installed on the satellites.
Satellites are very complex devices. There are many manufacturers involved in the creation of the components needed. The launching of satellites is also a complex process that involved multiple companies. Many of the satellites currently in orbit around the Earth are being managed on an outsource basis. With every additional vendor in the supply chain for a particular satellite, the chances for hackers to insert themselves into the process increase.
Hacking some satellites may be as easy as waiting for them to pass overhead and transmitting malicious signals from specialized antennas. Satellites are controlled from ground stations. These ground stations operate computers that may also be vulnerable to hackers.
Please read Part 2 next