Experts call on U.S. government to guard against cyberattacks on space systems

Space satellites provide essential services to support national security and the civilian economy. However, experts said Oct. 19 that the U.S. government doesn’t technically consider space systems “critical infrastructure,” slowing efforts to protect networks from cyberattacks. The call from industry experts sends a strong signal ON whether to add space systems to the list of critical infrastructure areas in the United States.

“We’re still debating whether space is critical infrastructure,” said Dawn Beyer, a senior researcher at Lockheed Martin. At the same time, “of all domains, space is the laggard in terms of cybersecurity.”

The U.S. government has spent years debating what the cyber domain should be called and who should be in charge, and “Russia has used it against us in information warfare,” Bayer said in a report by The Aerospace Corporation and the Center for Space Information Sharing and Analysis (referred to as the Center for Space Information Sharing and Analysis). said at a virtual panel discussion hosted by ISAC. ISAC is an industry group focused on cybersecurity for space systems.

A similar situation is happening in space, Beyer said. “We seem to be spending a lot of time trying to figure out what should be so simple, and we should be spending a lot more time trying to figure out how to defend the space because the risks are always changing.”

The Department of Homeland Security has identified 16 critical infrastructure sectors, including the chemical industry, medical defense, and financial services. According to the Department of Homeland Security, the assets, systems and networks of these sectors, whether physical or virtual, are considered critical to the United States, and if they are incapacitated or compromised, they will be critical to national security, the national economy, and the Destructive impact on security, national public health or safety.

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency works with federal agencies and the private sector to provide cybersecurity tools and incident response services when these critical sectors are under attack.

Space systems should be a designated critical infrastructure, said Samuel Visner, a technical fellow at MITRE and an ISAC board member. It includes launch systems, manufacturing plants, orbiting satellites and ground communication systems.

Technologies and capabilities in space are unique and cannot be replicated in other sectors of the economy, so they should be better protected, Visner said.

“Propellants built for space are unique. Engines built for space are unique, and many systems and subsystems built for space launch and space mission systems are not necessarily covered elsewhere,” he said. There are emerging space activities that will continue to join the space economy, such as space travel, space exploration, and eventually some manufacturing will take place in space.

The inclusion of space on the list of critical infrastructure areas would send a strong signal, said Charity Weeden, vice president of global space policy and government relations at Astroscale America.

“Branding is important to show that this is a priority,” she said. Weeden said that if the responsibility for coordinating space activities was assigned to a federal agency like the Commerce Department, designating space as critical infrastructure “would help To make sure whoever takes over gets the right resources.”

The issue has already caught the attention of Congress. In June of this year, the chairmen of the Congressional Space Caucus, Rep. Ted Lieu (D-Calif.) and Rep. Ken Calvert (R-Calif.), introduced the Space Infrastructure Act. The bill directs the Department of Homeland Security to designate space systems, services and technologies as critical infrastructure sectors.

“The critical infrastructure statement is overdue,” but that alone isn’t enough to ensure systems are protected, Visner said. Since all networks are interconnected, there is still a lot of work to be done to coordinate government and private sector cybersecurity efforts, he said. “That’s another issue that needs to be addressed.”

He said this should be seen as the nation’s top priority. “Our adversaries see space as critical to their national interest, they see space as critical to our national interest, and frankly I think they see it as a weakness in our national interest that they can exploit.”

The Space Information Sharing and Analysis Center (Space ISAC) was officially established in April 2019 as a 501(c)(6) non-profit organization. Officials from several government agencies and the National Space Council proposed a space-focused ISAC two years ago because of the importance of space as critical infrastructure, with space ISAC board chairman Frank Backes, senior vice president of Kratos, as sponsor. The company is a founding member of Space ISAC. An additional 10 companies joined as founding members. Some people don’t want to reveal their identities. The University is also represented in the Aerospace ISAC. Founding members include Booz Allen Hamilton, SES, Lockheed Martin, MITRE and Parsons, among others.