The space-cyber nexus involves a bidirectional exploration of both the space and cyber domains, which not only addresses the cybersecurity of space-based infrastructure but also covers space safety and security associated with cyber-driven spacecraft. Correspondingly, national space-cyber policies and governance measures follow the same logic. Against the backdrop of a parallel paradox of rapid growth in the global economy and technology, and intensifying confrontation among major powers, China, as a developing spacefaring nation, inevitably faces both emerging opportunities and threats in the entangled space-cyber frontier. Simultaneously taking into account the urgent need for new digital infrastructure development, as well as the inherent vulnerability of spacecraft and the space environment, China highlights the value of space-cyber convergence in its future national plans while also signalling concerns about security threats in this new area.
China’s Space-Cyber Integration Policy and Capabilities
In recent years, China has achieved remarkable progress in its space capabilities. These breakthroughs are well aligned with China’s national strategy to transform itself into a true space power in the next decade. Among these advances are the BeiDou Navigation Satellite System, Tiangong space station, Tianwen-1 Mars robotic orbiter, Chang’e 5 lunar sample-return mission, Mozi Quantum Science Satellite, DFH-5 ultra-high-performance communications platform and the China Seismo-Electromagnetic Satellite. It is evident that China is encouraging extensive research, development and innovation in the diverse directions of emerging space technologies. Among them, the integrated development of space and information technologies is one of the key focal points. While the overall construction is still in the initial exploratory stage, a clear profile of China’s policy orientation toward advancing the process of space-cyber integration has emerged, which is projected in both civilian and military activities.
In the civil space sector, the space-ground integrated information network (SGIIN) was designated as a major project in “China’s Science and Technology Innovation 2030” initiative. Two things signal a further upgrade of SGIIN’s merging process. The first is the official designation of satellite internet, fifth-generation mobile network technology and the Internet of Things as “new infrastructure.” The second is the emphasis on building a converged, high-speed, secure and innovative digital infrastructure through the deployment of a new generation of space-based information network technology, as found in the 14th Five-Year Plan (Creemers et al. 2022). China’s vision for the construction of joint space-cyber facilities is reflected as follows.
Functional aggregation: China foresees that future trends in the satellite constellation industry lie in the high-coupling effectiveness resulting from the superposition of multiple space-based functions. An example of this is a PNTRC (positioning, navigation, timing, remote sensing and communication) satellite system (Li and Shen 2020), which consists of hundreds of high-resolution remote sensing satellites, BeiDou navigation satellites, space-based satellite communication networks, and ground-based fifth- and sixth-generation mobile network and Wi-Fi technologies. Building the next generation of such a system would allow China to play a leading role in promoting “Internet + Space” (Yu 2020).
Orbital combination: Despite the late start of Chinese commercial low-Earth orbit (LEO) internet constellations, and the disadvantageous position of satellite deployment due to limited orbital resources, some systematic projects have been developed. These include China Aerospace Science and Technology Corporation’s Hongyan satellites and planned Xingyun-2 project, Commsat’s Ladybug-1 and Galaxy Space’s Yinhe program. Instead of merely focusing on the advantages of mobile communication of LEO satellite constellations, Chinese scientists have identified that the next step forward rests on the development of multi-layer space architecture that combines geosynchronous orbit, medium-Earth orbit and LEO satellite constellations (Si et al. 2021). This allows for the complementary advantages of different orbital devices in terms of signal coverage, network latency and transmission capacity.
Organizational diversification: Since the launch of the “go-out” policy, which aims to encourage Chinese enterprises to invest overseas, China has seen a surge in demand for mobile communications and internet coverage capabilities with global reach. To this end, in 2017, China initiated the Belt and Road Spatial Information Corridor to build a global digital infrastructure. It is working with the Asia-Pacific Space Cooperation Organization, the BRICS (Brazil, Russia, India, China and South Africa) Joint Committee on Space Cooperation and commercial space enterprises in a multi-faceted organizational format to improve space-based network coverage via the collaborative design of combined broadband-narrowband and multi-functional communication satellites, and the sharing of satellite constellation data.
In the military space domain, recognizing the shift of global military warfare to information technology-based intelligent and “informationized” battlefields, China has identified the inevitable trend of intertwined space-cyber-electromagnetic multi-dimensional warfare to become a future mode of confrontation, emphasizing the importance of integrated military combat operations (State Council Information Office of the People’s Republic of China 2019). As elaborated in the “Guidelines on Joint Operations of the Chinese People’s Liberation Army” (Finkelstein 2021), it is critical for China to accelerate the force integration process, which ensures that joint warfare operations break down the limitations of military service classification barriers and shift to cross-domain collaboration. Specifically, China will focus on the synchronization of space, cyber and electromagnetic and information warfare (IW) operations, and the guarantee of an immediate and unimpeded chain of command supported by networked information systems and operational data flow.
Force integration: China’s fifth military service, the Strategic Support Force (SSF), formed in 2015, is in line with such a military concept. The 2019 defence white paper describes the role of the SSF, which involves support for the battlefield environment, information, communications, information security and testing of new technologies (State Council Information Office of the People’s Republic of China 2019). The principal structure of the SSF is a two-tiered echelon of Space Force and Cyber Force, with responsibilities that include, but are not limited to, strategic information support and IW operations; space and cyber operations; strategic command, control, communications, computers, intelligence surveillance and reconnaissance support; network-electronic countermeasures; intelligence reconnaissance; and psychological warfare capabilities.
Military-civil fusion: Although China’s space-cyber integration process remains in the early phases of development, being aware of the growing need to optimize the dual-use value of space-based assets, leverage scarce orbital resources and harness commercial talents, China is considering following the principles of military-civil fusion. The policy framework developed by the Ministry of Science and Technology in the
“13th Five-Year Special Plan for Science and Technology Military-Civil Fusion Development” (PRC Ministry of Science and Technology 2017) and the State Council’s “Opinions on Promoting the Deep Development of Military-Civil Fusion in the National Defense Science and Technology Industry” (General Office of the State Council of the People’s Republic of China 2017) stressed the importance of joint military-civilian efforts to build an integrated space-to-Earth cyberspace infrastructure.
A new space race is under way, says @Yue__Yuan. China is challenging US supremacy, and the space-cyber nexus will be an important area to protect.— CIGI (@CIGIonline) February 3, 2023
Learn more by reading "Chinese Thinking on the Space-Cyber Nexus": https://t.co/0zPAU5E7ND pic.twitter.com/xDE1Vljwkm
Cyberthreats in Space
Spacecraft launchers and platforms are cyber-physical systems, and the design and functioning of space systems rely heavily on the availability, integrity and confidentiality of cyber operations involving the computation, processing and exchange of information. However, the innate vulnerabilities of space-based assets are exposed more saliently in the synergistic interaction between cyber and space capabilities, and the invisible cyberattacks can negate the viability of space systems.
China has been continuously following the latest developments in cyberthreats in space. For example, a series of cyber operations conducted during the Russia-Ukraine crisis in 2022 has impressed upon China the pervasiveness, maturity and severity of the use of cyber means in the space domain during military conflicts. The Chinese government (Ministry of Foreign Affairs of the People’s Republic of China 2022) worries that the massive use of cyber means and the deployment of cyber forces could lead to uncontrollable consequences and even the risk of triggering a nuclear strike, especially given that the United States at one time considered expanding the scope of nuclear retaliation in the event of “significant non-nuclear strategic attacks” (Office of the Secretary of Defense 2018, 21). It is not the first time China has conveyed such a concern. Chinese experts questioned the United States’ “persistent engagement” policy, which mandates Cyber Command to operate everywhere and anytime, and “left-of-launch” policy, which is based on a pre-emptive strike with cyber technologies, arguing that such actions could lead China to view any cyber intrusion as a deliberate breach of its nuclear deterrence capabilities (Levite et al. 2021, 16).
China’s growing threat perception also lies in the sabotage of dual-use command, control, communications and intelligence (C3I) systems. China worries that cyberattacks against space-based C3I assets — in particular, damage to related navigation, early warning and communications functions — will lead to an unintended escalation of conflict (Zhao and Li 2017).
The low-cost and large-scale satellite constellations spawned by the accelerating commercial space industry have built-in flaws that make them vulnerable to cyberattacks.
Moreover, the cyber risks exposed to the BeiDou navigation satellite system are widely discussed. Vulnerabilities can be found in any segments (Wang et al. 2020), such as eavesdropping on integrated systems connecting ethernet, fibre optic and wireless networks; illegal switching on of chips and modules; and malicious access to the location and trajectory of specific targets, which will threaten national defence security and affect the applicability of the BeiDou system for civilian use.
Finally, the low-cost and large-scale satellite constellations spawned by the accelerating commercial space industry have built-in flaws that make them vulnerable to cyberattacks. Given the limited information-processing capacity of the on-board payloads of small satellites, a SYN (synchronized) flood attack aimed at depleting server resources can easily paralyze them. Besides, driven by the collaborative economy, commercial satellite companies often use open-source software and code, as well as shared data storage centres, all of which can serve as irresistible bait for cybercriminals.
Space Threats Posed by Internet Constellations
Not only can cyberthreats wreak havoc on satellites, but the constellations themselves also pose threats to space safety and security.
Collision risks: Experts noted that the unfettered expansion of the mega-constellation of internet satellites in orbit will result in unavoidable spectrum sharing and interference, as well as a high risk of catastrophic collision and long-lived debris (Arroyo Parejo, Sánchez Ortiz and Domínguez-González 2021). The threats are real, and incidents have occurred. For example, in 2020 and 2021, respectively, SpaceX’s Starlink-1095 and Starlink-2305 satellites had close encounters with a Chinese-manned space station. To protect the lives of the astronauts, and to avoid an unacceptable space collision, the space station had to conduct evasive manoeuvre actions twice.1 In the absence of a multilateral governance mechanism and space traffic management rules covering all actors, such emergencies will eventually become inevitable with the exponential growth in the number of small satellites.
Military use: Although in-orbit satellites have limited exposure to direct cyberattacks (Manulis et al. 2021), it is still probable that denial of service attacks are executed against the software used on the satellites. New satellite-to-satellite cyberattacks aimed at sensors and actuators have emerged (Falco 2020), which may be practicable if backed by rendezvous proximity operations. This raises questions among Chinese experts about whether internet satellite constellations have the potential to act as a new type of co-orbital anti-satellite weapon, which may conduct cyberattacks on other co-orbital satellites in a swarm architecture, as well as to enable cross-border illicit data flows on the ground in the future (Xu and Gao 2020). In light of this, more discussion is needed on the regulation of internet constellations within the international process on mechanisms for space arms control.
China’s Governance Measures
Recognizing that while the space-cyber nexus will bring great opportunities, it is also intertwined with novel and uncontrollable threats, China is exploring initial visions of governance measures from both domestic and international perspectives.
Space environment management: China has put in place a series of regulations and measures on space governance. For example, the China National Space Administration established its Space Debris Monitoring and Application Center and issued the “Management Measures for Space Debris Mitigation and Protection” in 2015. Notably, China has also enhanced supervision over the commercial space industry and small satellite constellations, releasing the “Notice on Promoting the Orderly Development of Microsatellites and Strengthening Safety Management” and planning to build an asteroid monitoring and defence system in 2025.
Cross-domain situational awareness: Compared with traditional space powers, China’s space situational awareness and satellite cataloguing capabilities are still far from adequate. Meanwhile, challenges also emerge in how to enhance cyber situational awareness in space. Chinese scientists have proposed the idea of building an ontology of cyber situational awareness for satellites (OntoCSA4Sat), which advocates a knowledge-reasoning approach to detect latent vulnerabilities and cybersecurity flaws in satellites, although more worldwide cases are needed to validate it (Liu et al. 2022).
Zero trust architecture: In 2021, the China Electronics Standardization Association released the “Technical Specification for Zero Trust System,” which represents China’s first national technical standard for zero trust architecture (ZTA). As a new cybersecurity concept, ZTA aims to deny malicious intruders by requiring all users to authenticate before being granted access to the database. Research indicates that, with software design and system adaptation, ZTA can achieve a high degree of compatibility with satellites’ cybersecurity defence mechanisms in the future (Song et al. 2021).
The “due regard” obligation and mega-constellations in the prevention of an arms race in outer space: Article IX of the Outer Space Treaty obligates states parties to the treaty to engage in space activities “with due regard to the corresponding interests of all other States Parties.”2 A Chinese representative suggested that the future international regulations of military cyber activities in space should also be in accordance with the above principles (Wang 2019). To be specific, as elaborated in the draft UN guidelines for the long-term sustainability of outer space activities,3 measures should be considered to respect the legislative jurisdiction of states over space assets, and to prohibit the malicious use of information and communications technology tools to compromise the security and resilience of foreign space objects and facilities. Meanwhile, voices were heard regarding the topics of preventing the over-militarization of LEO mega-constellations and their inclusion in the future prevention of an arms race in outer space (PAROS) agenda (Wang and Wei 2022). Such ideas may encourage more stakeholders to participate in the future discussion, thus creating a “catfish effect” that could break the stalemate in the face of the uncompromising mindset of divided UN member states in the traditional PAROS negotiation process.
Space-cyber crisis management: In the context of growing military confrontation between major powers, the absence of crisis management mechanisms in the new strategic areas — where cyber, space and nuclear capabilities are intertwined — would be extremely dangerous. With this in mind, Chinese experts advocated for the establishment of a strategic stability architecture among the major powers with a broader definition, which should encompass methods for preventing cyberattacks on nuclear facilities and nuclear command, control and communications systems, as well as assets in space (Yao 2021). Echoing this, practical recommendations fall under the creation of a multilateral computer emergency response team, military hotlines between national defence ministries, and predesignated diplomatic channel communications related to attribution in the event of a suspected cyberattack (Levite et al. 2021).
At present, China is engaged in the preliminary exploration of space-cyber integration, while realizing the multiple emerging threats and consequences of the regulatory vacuum that this new frontier poses, and is therefore expediting the adoption of responsive governance measures. However, China’s unilateral efforts are far from sufficient in the context of intense global competition and the fog of ambiguous international space-cyber regulations. All members of the international community must join in efforts beyond the barriers of political prejudice to prevent the escalation of space conflicts and their spiralling into space-cyber war. Such efforts will rely significantly on multilateral dialogues, international consensus building and the eventual establishment of related international regimes.