Home >> September 2021 Edition >> Keeping Satellites Secure In The Modern Space Race
Keeping Satellites Secure In The Modern Space Race
Thorsten Stremlau Trusted Computing Group (TCG), Marketing Work Group Chair

 

Over the past decade or so, we have seen a huge surge in the number of satellites being sent up into orbit, driven by the increasing role of satellite in today’s technology.

Digital connectivity is sending data demands through the roof and, alongside satellite broadband, it is the primary driver of the mass adoption of satellite technology. Technology organizations are deploying entire satellite constellations to deliver the high-speed connectivity, bandwidth and capacity that is needed to satisfy demand. No matter whether you are on land, at sea or in the air, users expect to have high-quality connectivity and satellite is key to providing this. Space once had a high barrier to entry, but now we are seeing commercial businesses get involved too. Earlier this year, Virgin Orbit joined other private companies, such as SpaceX, that can launch satellites into orbit, with more expected to follow suit. 



As our lives become increasingly digitally driven, they are also becoming more connected as we now rely on the internet more than ever before. It is not just our laptops and phones that are now connected, but also our tablets, watches, fridges and even the lighting systems in our homes, that are all synced up. The need for constant connectivity has led to increasing demands that satellites are helping to meet. However if one single device is not encrypted or the communication is not protected, a hacker can manipulate it and gain entry to the whole network of connected devices it is linked to, with potentially serious consequences. 

Cybersecurity Risks 

We are witnessing an increase in mission critical communications traveling across satellite broadband, to the point where the satellite communications infrastructure becomes paramount, even on land. We are sending an increasing number of data points up into space all the time, and we must secure them. Already this year, we have seen security protocols be disrupted and compromised, as hackers are now focusing on well-established hardware and firmware technology. If a company spends a decade securing its devices and this is then breached, it is a huge loss of time, resource and money. To protect against this, future-proofed technology must be developed and implemented to ensure security, as more often than not, this is left as an afterthought. 

If security is not a high priority, organizations face the detrimental consequences of a cyberattack. Financial losses are common, with cybercrime expected to cost the world $10.5 trillion annually by 2025, according to a Cybersecurity Ventures report. There are also legal implications due to breaching data protection laws, as huge amounts of sensitive data are communicated every day. Satellites are not only used by commercial companies, but also militaries, governments and healthcare organizations. If sensitive data is breached, there may be serious consequences, which could even include or lead to loss of life. 

Challenges: Securing Satellites In Space 

While a rise in satellites and data traffic means a greater risk of vulnerabilities on the network, security is made challenging by the isolation of satellites in space. Unfortunately, we are unable to send someone up to maintain the satellites. 

The hard work needs to be done on the ground, before the satellite is sent up, to ensure a level of trust is established between Earth bound devices and satellites. The operating lifespan of a satellite varies, but some can work effectively for as many as 15 years. 

Unable to head up to space and manually ensure a satellite is still fit for purpose, it is important that the infrastructure and solutions within each of the satellites are able to handle upgradability in a secure way, while also maintaining redundancy and the mission critical aspects of a satellite. 

The first step is for organizations to understand the vulnerabilities they have and how they could be exploited by cyberattacks. A common example of this is working with legacy satellite communications that are difficult to upgrade and update. Therefore, significant testing is key to ensure any upgrades do not interfere or impact other key system functions. Old IT equipment used in satellite networks often has a low security level and weak encryption, making it a prime target for hackers to exploit. 

Guaranteeing Cyber Resiliency 

To ensure satellites are protected, solutions need to be implemented into the satellite that allow components to protect, self-identify and self-recover, knowing when they have been modified or configured. Network security infrastructure acts as a firewall to prevent cyberattacks, as it enables communications to be authenticated at every stage of data transmission before it gets sent up to the satellite. This plays a key role in establishing overall satellite network visibility by ensuring the devices that are communicating meet compliance requirements, have access control and provide orchestration. 

Trusted computing technology ensure trustworthiness of devices, device identity and security validity, and should play a key role in the designing and manufacturing of a satellite. An example of this is a component within a device called a root of trust. 

A root of trust forms the foundation of the device and can be secured for a defined range of applications. A root of trust undergoes comprehensive security validation and crucially, therefore remains trusted throughout a device lifetime once deployed. A root of trust is a key aspect of security, as it is the generation, storage, and protection of a cryptographic device identity, which serves as the all-important vehicle for demonstrating trust worthiness. 

With many different companies now entering the modern space race, it is vital that the right architectures, specifications and standards are followed to ensure the risk of attacks are greatly reduced. With the correct cyber resilient architecture in place, devices can be recovered even after they have been compromised. 

Industry standards and specification, such as the Cyber Resilient Module and Building Block Requirements, should be incorporated to mitigate threats and develop a solid foundation for cyber resilience. These particular specification not only enable increased security, but also detect malware and enable the recovery of a device once it has been compromised, minimizing time and resource. With the sheer volume of devices and products being released to market, it is vital to have in-built measures that facilitate a recovery process. If industry guidance is followed and applied universally, the entire ecosystem will benefit from a potential new layer of protection against cyber threats. 

Satellite Cybersecurity In The Future 

Securing satellite technology with high throughput, high burst communication well into the 12-year lifecycle is a paramount requirement for the viability of a communication provider. 

Attacks using sabotaged payloads of seemingly innocuous commutation are on the increase, as are DDOS and speculative execution-based attacks to subvert hardware. 

The need for quantum resilience is going to increase moving forward and industry organizations have already started work making certain that algorithms and solutions are suited for future enhancements around quantum computing. As global boundaries in component manufacturing blur, yet supply chain attacks rise, the need for standards is increasing. By adopting industry standards, many attempted hacks can be made much more difficult to accomplish, without having to compromise satellite efficiencies. 
trustedcomputinggroup.org