
Cyber and Encryption Security for National Security Space Systems and Low Earth Orbit Constellations

Our modern way of life depends greatly on space assets. These assets are mostly either unprotected or have minimal protection against cyber-attack. For example, on the Iridium satellite network, which was built in the 1980s, messages are sent in plaintext format using the GSM standard, whose specification is completely public. Today, components such as the software-defined radio that the Chaos hackers used to eavesdrop on Iridium’s unencrypted messages can be bought off the shelf.

 

Military strategic and tactical missile systems rely on satellites and the space infrastructure for navigation and targeting, command and control, operational monitoring and other functions. However, insufficient attention has been paid to the increasing vulnerability of space-based assets, ground stations, and associated command and control systems.

 

Vulnerabilities abound even in highly sensitive systems, such as civilian and military satellite constellations that are used for communications, navigation, time synchronization for distributed systems (think “power grid”), weather forecasting, and deterrence weapon systems.

 

For example, many military constellations rely on encrypted transmissions from the ground-control segment to the spacecraft, but have no further defenses, such as least permissions, intrusion detection, and mitigation, should an attacker manage to circumvent the encryption.

 

Cyberattacks on satellites would undermine the integrity of strategic weapons systems, destabilize the deterrence relationships and obfuscate the originator of the attack without creating the debris problem that a physical attack would cause. Because cyber technologies are within the grasp of most states (no matter how small or impoverished) and non-state actors, they level the strategic field and create hitherto unparalleled opportunities for small belligerent governments or terrorist groups to instigate high impact attacks,” the Office of the President of the United States stated in their 2011 International Strategy for Cyberspace.

 

DARPA and DoD are interested in moving toward satisfying DoD space missions with large constellations of inexpensive satellites in low earth orbit (LEO). This distributed approach provides both redundancy and resiliency, as well as other benefits.

 

However, the success of national security missions that use space systems depends on fully integrating cybersecurity into the planning, development, design, launch, sustained operation, and decommissioning of those space systems used to collect, generate, process, store, display, transmit, or receive National Security Information (NSI), as well as any supporting or related infrastructure.

 

DARPA has launched a program on Cyber and Encryption Security for National Security Space Systems and Low Earth Orbit Constellations.

 

Attack Vectors and Vulnerabilities of Space Assets

Space assets depend on the integrated working of the space segment and the ground segment. When the space segment consists of multiple satellites working together for a common purpose, such as with the Tracking Data Relay Satellites (TDRS), they are collectively referred to as a constellation. The ground segment is a set of geographically distributed stations with powerful satellite communications (SATCOM) equipment that can send command and control telemetry to satellites and receive telemetry data from the satellite’s systems and instruments.

 

The types of attack to which satellites are vulnerable fall into two primary categories: physical attacks and computer-system attacks, writes Ryan Hutchins in Cyber Defense of Space Assets. Physical attacks are those directed against either the satellite’s physical bus or its transmitted signals. The vectors for physical attacks vary greatly: transmitting signals that mimic a satellite’s or ground control station’s signals but contain false information, or “spoofing,” is a physical attack, as is jamming. But physical attacks also include anything from anti-satellite missiles to a “spray-paint attack,” wherein one satellite gets close enough to another satellite to spray paint its optics, rendering them blind.

 

Computer system attacks, on the other hand, are attacks that affect the computing systems present on a satellite. The ultimate goal in these attacks is unauthorized access to the satellite’s instruments, bus, and data. Common vectors for these attacks are the introduction of malware into hardware in the supply chain, and compromise of the ground units that communicate with satellites, including the ground control stations of, for example, the Air Force Satellite Control Network and NASA, or field-deployed SATCOM radios. These ground systems have many of the same software vulnerabilities that plague other computer systems.

 

The most prominent potential ingress for a cyber-attack against such a system is the ground-control station. A hacker who compromised the station could take complete control of a spacecraft by sending messages prior to encryption.
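An added example (not from the original article or from any program it describes) of the kind of further defense the article says is missing behind link encryption: an onboard gate that applies least privilege, replay rejection and alerting to commands that have already passed decryption. The role names, keys, opcodes and frame layout are hypothetical and constructed for illustration.

```python
import hashlib
import hmac

# Hypothetical roles, keys and opcodes; every value here is constructed.
ROLE_KEYS = {"payload_ops": b"k-payload-demo", "bus_ops": b"k-bus-demo"}
ROLE_ALLOW = {
    "payload_ops": {"SET_IMAGER_MODE", "DOWNLINK_DATA"},
    "bus_ops": {"SET_ATTITUDE", "FIRE_THRUSTER", "LOAD_FLIGHT_SW"},
}

def seal(role, counter, opcode, key):
    """Ground side: frame = body || HMAC-SHA256(key, body)."""
    body = f"{role}|{counter}|{opcode}".encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()

class CommandGate:
    """Onboard checks applied after the link layer has decrypted a frame."""

    def __init__(self):
        self.last_counter = {role: 0 for role in ROLE_KEYS}
        self.alerts = []  # denied commands, a feed for intrusion detection

    def accept(self, frame):
        body, tag = frame[:-32], frame[-32:]
        try:
            role, counter, opcode = body.decode().split("|")
            counter = int(counter)
        except ValueError:  # bad UTF-8, wrong field count, non-numeric counter
            return self._deny("malformed", body)
        key = ROLE_KEYS.get(role)
        expected = hmac.new(key or b"", body, hashlib.sha256).digest()
        if key is None or not hmac.compare_digest(tag, expected):
            return self._deny("bad_mac", body)
        if counter <= self.last_counter[role]:
            return self._deny("replay", body)  # stale or repeated frame
        self.last_counter[role] = counter
        if opcode not in ROLE_ALLOW[role]:
            # Valid credentials, but the role may not issue this command.
            return self._deny("not_permitted", body)
        return "accepted"

    def _deny(self, reason, body):
        self.alerts.append((reason, body))
        return reason
```

With this gate, a console holding only the payload-operations key cannot issue bus commands such as a flight-software load, and each refused attempt is recorded in `alerts`.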

 

Broken user credentials are likely to allow a malevolent actor to establish an advanced persistent threat in a satellite network. An advanced persistent threat (APT) is a stealthy set of hacking processes that continuously affect a system over time. APTs are most often used to exfiltrate vital information from a business or government target over a long period of time.

 

The vulnerabilities responsible for enabling these threats are divided into three categories: software vulnerabilities, hardware vulnerabilities, and insider threats. Insider threats are threats caused by individuals who have been granted trusted access to the internal network.

 

The most important software vulnerabilities afflicting military space systems are the same as common vulnerabilities; in particular, backdoors, hardcoded passwords, remote code execution (RCE), insecure protocols, spoofing, hijacking, SQL injection, insecure authentication, and file upload flaws are of primary concern.

 

Finally, there is the threat that the hardware used to construct these systems could be used to deliver a hardware attack. This vector has recently been at the focus of cyber security news because of its use in Mirai botnets. Chinese manufacturer XiongMai Technologies’ line of IoT products has hardcoded default passwords in its firmware. The Mirai malware logs into these firmware backdoors to take control of these devices and incorporate them into massive botnets that can deliver devastating DDoS attacks.

 

The attacker could also leave behind an advanced persistent threat, to make strategic use of compromised satellites at later times. The threat of this attack vector is reified by the numerous successful cyber-attacks directed against NASA.

 

 

Cyber security

According to Ryan Hutchins in Cyber Defense of Space Assets, the three steps that space asset stakeholders must take to successfully defend their resources are:

(1) to establish an agile, global regime that can provide training, intelligence, and knowledge sharing between stakeholders;

(2) to perform code analysis and penetration tests to expose known vulnerabilities in existing infrastructure that can be shored up by relatively simple means. Once complete, this will ensure space asset safety against a wide range of basic attacks that would currently succeed. This will force adversaries to expend massive amounts of time and resources in an attempt to find successful exploits.

(3) Aided by the established global regime, stakeholders must undertake research efforts into defense-in-depth design that enable them to anticipate vulnerabilities and exploits so that they may seize the initiative from attackers and design protocols, software, and spacecraft buses that are hardened against cyber-attack.

 

Another technology that multiple companies are adopting is laser optical communications as the next evolution in satcom. SpaceX, Telesat and LeoSat are all incorporating laser technology in their Low Earth Orbit (LEO) constellations.

 

Laser beams are highly focused compared to RF, which spreads to many kilometers over the distance the waves travel to reach LEO. Therefore laser communication signals cannot be detected unless you are within the narrow laser beam. According to LGS Innovations’ CEO Kevin Kelly, it’s “relatively straightforward” to layer bulk encryption over the data before it’s excited to the photonic level and transmitted down to Earth. One can also create custom waveforms that only the user will know how to decode.

 

 

DARPA’s Cyber and Encryption Security for National Security Space Systems and Low Earth Orbit Constellations

The Defense Advanced Research Projects Agency is seeking information on new technologies it can use to manage the sharing of missions across large constellations of inexpensive low-earth orbit satellites for the Defense Department. Advances in autonomy and machine learning are enabling the management of multiple vehicle systems that collaborate. DARPA is interested in leveraging these advances in order to demonstrate unique military utility.

 

 

DARPA is interested in leveraging advances in cybersecurity going beyond compliance with DoD instructions to ensure the security of the constellations of inexpensive low-earth orbit satellites for the Defense Department.

 

DARPA/TTO is seeking new technologies and concepts to derive appropriate system security requirements, architectures, and system designs from the inception of the design process through decommissioning. Areas of interest to secure include, but are not limited to:

  • Information systems within the space segment collecting, generating, storing, processing, transmitting, or receiving NSI information
  • NSA-approved cryptographies and cryptographic techniques, implementations, and associated security architectures
  • End-to-end encryption of all data (e.g. space platform bus and payload command echoes, telemetry, health and status, mission data, and communications relay) transmitted over any communications link
  • Command initiated or automatically invoked unencrypted emergency backup links or cryptographic bypasses used to recover lost communications
  • Pseudorandom bit streams to ensure cryptographically derived transmission security effects are not predictable by unauthorized personnel
  • Accomplishing a secure mission shared across multiple satellites
  • Autonomous detection and response to anomalous or malicious cyber events
  • Securely networking among a large number of satellites in multiple orbital planes with multiple comms links, multiple ground stations, and/or multiple remote (tactical) users
  • Secure on-orbit data cloud and autonomous management of dynamic, distributed data storage and processing functions across multiple satellites
  • Operator interface designs for constellations allowing flexible but secure command and control (C2) relationships
  • Scalable approaches for the above areas that enable data rates of 10Gb/sec

 

 

References and Resources also include:

https://www.fbo.gov/index.php?tab=documents&tabmode=form&subtab=core&tabid=8cff083bfad70aa8605be3c570d99ba1

http://www.cs.tufts.edu/comp/116/archive/fall2016/rhutchins.pdf

About Rajesh Uppal
