The communications transformation fuelled by the internet has been immensely progressive and it is well known that this distributed network has provided the backbone of the Information Age.
There is, however, a little known fact that satellites have played an important role in extending global connectivity and providing heterogeneous internetwork resilience - something that we perhaps take for granted today. Unfortunately recent events have identified a number of weaknesses that were in fact predicted as far back as 2001 within a United States Senate report.
It was surmised then that satellite system vulnerabilities could be exploited and the associated risks should be combatted through: the implementation of secure data links; protective measures at the satellite ground stations; and / or secure approaches that enhance availability.
Unfortunately, under the right conditions, and through implementation oversights relating to the first two, hackers can use such deficiencies as cyberattack vectors. These could provide an opportunity for hackers to cause a negative physical impact pertaining to the third.
Important technologies
Approximately 52 per cent of satellites are located in low Earth orbit (LEO), which is a geocentric orbit up to 1,243 miles above the surface; this is ideal for photographic satellites such as Cubesats and some US National Oceanic and Atmospheric Administration (NOAA) satellites, as well as real-time voice telecommunications satellites such as Iridium.
The most well-known orbit is the geosynchronous Earth orbit (GEO) in which 41 per cent of satellites reside at 22,236 miles altitude; most satellite communications (SATCOM) spacecraft reside in particularly desirable, cluttered and highly regulated orbital slots and radio frequency (RF) spectrum allocations issued by the International Telecommunications Union.
The medium Earth orbit (MEO) is the space for the remaining 7 per cent such as Global Positioning System satellites, which are in an intermediate circular orbit at an altitude of 12,500 miles. The graveyard orbit, in high Earth orbit, is where higher altitude satellites are despatched at the end of their usable life. LEO vehicular orbits tend to decay backward toward the Earth where spacecraft mostly burn up on re-entry through the Earth’s atmosphere.
Traditionally satellites have been used to relay narrowband telecommunications under 1GHz encompassing L band in LEO.
This has extended into wideband ranging from below 4GHz to 40GHz S, C, X, K series bands into high capacity broadband in Ka; high capacity is now pushing the envelope through Q, V and W frequency ranges between 30 to 75GHz and 75 to 110GHz retrospectively. The achievable data-rate is dependent on the orbit and SATCOM has progressed immensely enabling, at best, a honeycomb of multiple beams to provide high-throughput data services over a large area of the Earth.
The increase in data-rates is enormous; expanding from a measly 480kbps at the top of the L-band to 130Gbps, achievable through ViaSat1 Ka band in GEO, upwards to an expected 350Gbps in the Ka band with ViaSat2 by late 2016. MEO is fast becoming more necessary for SATCOM as it offers less delay than GEO; the latter usually has a round trip latency of around 500ms where the former is now known as the ‘fibre optic orbit’, achieving broadband throughout at around 100ms.
As a consequence a SATCOM programme called the ‘Other 3 Billion’ (O3B) provides MEO SATCOM mobile and internet coverage to developing nations from a 5,000 mile high orbit.
Vulnerabilities and cyber threats
Space is a harsh dominion where satellites are constantly bombarded by space weather and their uplinks/downlinks are affected by atmospheric attenuation and depending on the frequency band global weather interference. Notwithstanding these issues, hypothetically satellites can be susceptible to RF jamming.
In addition congested orbits increase the probability of space collisions, which could knock-out satellites. Notably in 2014 the International Space Station had to be manoeuvred three times to avoid prolific space debris.
This risk has been reinforced and epitomised by the 2007 Chinese anti-satellite kinetic weapon test that created a shroud of unnecessary space debris and an ensuing international political outcry; worryingly it is claimed that China may soon have the capability to destroy every satellite in orbit.
Historically the probability of mechanical satellite failure is greater than electrical – although platform computer malfunctions cannot be discounted. There is now evidence of cyber attack attempts that were conducted against National Aeronautics and Space Administration (NASA) low-Earth environmental monitoring satellites between 2007 and 2008; whereby the telemetry, tracking and command link via an Arctic ground station was used as the conduit for the attack.
In 2014, it became apparent that unpatched software, poor configuration or misconfiguration were evident on satellites being built as part of NOAA’s Joint Polar Satellite System space segment – providing an attack surface onboard the platforms themselves. Newsworthy reports in the same year alleged backdoors and insecure protocol usage in commercial satellite terminals and patching was advised to alleviate vulnerabilities in some user segment equipment.
The lack of encryption on data channels has been diagnosed as a flaw for an established commercial satellite-borne tracking and monitoring system that could enable hackers to manipulate, spoof or affect the reliability of data being transmitted.
In 2013, it appears that a NOAA contractor’s laptop was infected with malware and was subsequently used by a remote attacker to exfiltrate data from a national environmental satellite, data, and information service system onwards to a suspicious external IP address.
In addition the well-publicised cyber-attack of late 2014 against NOAA’s four websites caused an unscheduled outage of their networks; the effect being the cessation of their customer facing global data services supplied from their LEO and GEO constellations - creating a denial of service.
Fatal consequences?
Satellites are inevitably becoming more crucial than ever in our digital world. Whether SATCOM orientated, Earth facing scientific, meteorological, photographic or astronomy focused; they are all supplying data and services for the 21st century consumer.
The positive outcome of satellite technology, for instance, has enabled third generation cellular infrastructure providers to use SATCOM as backhaul links over many years. This approach is liable to continue to provide supporting data service trunks for increasingly important fourth generation mobile technology and beyond.
It is clear that oversights across the space industry are potentially quite serious and could affect the confidentiality, integrity and availability of some satellites and satellite services - as predicted in the 2001 Senate report. Only recently the hacker group AnonSec demonstrated intent by trying to crash a NASA drone; their modus operandi was to alter the flight plan after taking control of ground segment servers, but only after having been allegedly resident in NASA networks for some months.
It is entirely feasible that the Kessler Syndrome, usually linked to the consequences of the build-up of space junk, could be instigated and accelerated by hackers. Hackers may have the guile to irresponsibly take control of a vulnerable satellite and naively cause accidental or deliberate collisions in a congested orbit.
Such an act is not beyond reason and could be the catalyst for a catastrophic self-sustaining orbital collision, conceivably wiping out some of mankind’s satellite constellations in the process!
On the weight of this evidence the cyber security of the space segment, the requisite user segment, and especially the ground segment command and control systems should be made justifiably more robust moving forward.