Space-based systems play such an important role in our daily lives. They support services that greatly enhance our collective quality of life; they facilitate commerce and enable economic opportunities; they help first responders respond to disasters and emergency situations; they provide us with telecommunications, GPS, Earth observation and data that is essential to fighting climate change; and they inspire us and help us better understand who we are, where we come from and where we’re going. In short, space systems are vital to daily activities today and will be vital to human aspirations for the future.
Just as we’ve seen with Earth-based systems, cyberattacks can happen to space-based systems too. And because of their interconnectedness and the importance of these systems, attacks can happen from anywhere by state and non-state actors wishing to cause harm.
Cybersecurity and the security of space-based systems is critically important. Think of it this way: certain attacks can disrupt vital systems such as banking, communications, government services, military assets and more.
While there are several forms of cyberattacks, we can’t forget that the cyber domain is human created and that the human remains the major threat to cybersecurity.
Some tech leaders have broken these human threats into four categories:
The first category has been coined as the pawn. This is a category of people who are unaware and are often manipulated into facilitating a cyberattack.
The second category is one they call the goof. In this category, we find people who bypass security practices because they underappreciate the threat their actions pose. People from the goof category account for 90 percent of all insider threats.
The third category is the collaborator. This category’s title is pretty self-explanatory: these are people who are actively working with outside entities such as competitors or nation-state actors to create cyber vulnerabilities.
And, finally, the lone wolf. This is a category of people who are often enjoying levels of higher security privileges and are often motivated by financial gain.
As you can see, there are many ways that the human link can play a central role in creating cyber vulnerabilities. For malicious external actors, targeting the human element is often much simpler than other forms of hacking and cyberattacks.
There is a massive supply chain involved in constructing, launching, operating and sustaining a satellite. There are so many actors in the supply chain providing parts and services from end to end that at any point in the process, a vulnerability could be introduced.
Managing the challenge of cybersecurity in space is made more complicated by the lack of a central authority monitoring all these activities. Governments and militaries have their own set of protocols and processes, sure, and so does the private sector, but there’s little commonality or coordination between all parties.
This is where governments can be leaders by setting standards, strengthening education — for example, by instilling cybersecurity best practices through STEM courses in elementary right through to post-secondary. And, finally, governments can be leaders by recognizing that space infrastructure is critical to human activities and prosperity and that there is a need to prioritize its protection. Space Canada also suggests that the Government of Canada create a National Space Council to help coordinate all of its policies, investments and programs regarding space.
The private sector has an important role to play as well. For businesses involved in any way with national security-related space systems like satellites, radar, and ground stations supporting situational awareness and telecommunications, they need to think about cyber defence as part of the product’s entire lifecycle by constantly looking for vulnerabilities — human or otherwise — and taking action to address them immediately.
And, finally, we need information sharing between governments and the private sector — observing the right protocols, of course — when incidents happen.
Both the space domain and the cyber domain offer immense potential for humanity as we look to address environmental, social and economic challenges. Let’s recognize the importance of space and cybersecurity, and let’s work together to minimize the threats to both domains to ensure a prosperous and peaceful future.