Space cyber attacks: who steals data from satellites and why

Space not only attracts explorers and millionaires who dream of traveling to Mars. Space beyond the earth has become a target for hackers. We tell you who and why are chasing space data

History of space cyber intrusion

Cyberattacks against space are not a new phenomenon. This problem first arose in 1998, when hackers hacked into the control system of the German-American satellite ROSAT X-Ray. The computer from which the satellite was controlled was located at the Goddard Space Flight Center: after penetrating inside the hackers, the ROSAT X-Ray solar panels aimed directly at the sun – this quickly landed the battery and rendered the satellite useless. The mission was shut down and the satellite itself “returned” to Earth in 2011.

ROSAT X-Ray Satellite

(Photo: Wikipedia)

In 1999, hackers hijacked the British military satellite Skynet and held it for ransom from the government. The aviation industry noticed that one of the launched satellites was in the wrong position. They then received an anonymous message demanding money in exchange for control of Skynet’s control system. Some, however, denied the information about the hack.

In October 2007 and July 2008, NASA’s Landsat-7 satellite crashed within 12 minutes due to hackers. A similar story happened in June 2008 with the Terra AM-1 satellite. Perhaps the attackers managed to eavesdrop on the internet connection at the ground satellite station Svalbard, located in Norway.

More than 20 years have passed since the first attack on NASA satellites, but according to the agency’s report, it is still vulnerable to cyber threats. In 2019, a contract employee at NASA, who had joined the space agency’s internal network and system, used a personal computer to hack cryptocurrency. A year earlier, with the help of an external account, hackers stole about 500 MB of data on one of NASA’s main missions. Based on a report from 2019, the hack was possible thanks to a cheap Raspberry Pi modular computer. The user remained undetected for ten months: he managed to obtain about 23 files, including information on the rules of the international arms trade that govern the transfer of military and space technology related to the Mars Science Laboratory mission. It is also known that two Chinese citizens in 2018 were charged with gaining unauthorized access to a NASA computer to steal data. Since 2006, hackers have carried out cyber attacks on companies and organizations involved in aerospace and satellite technology.

In 2020, several large space companies were hit by cyber attacks at the same time. Criminals working through the DopplerPaymer program stole internal confidential documents from Visser, one of the contractors for SpaceX, Tesla, Boeing, Blue Origin and several other companies. The files obtained by the hackers contained information on details of military equipment developed by Lockheed-Martin, anti-aircraft systems, as well as bills and receipts, supplier details, reports and legal documents. Hackers penetrated Visser Precision’s internal system, encrypted all files and then demanded ransom. The company did not pay for the hackers, and all data ended up on the web.

Why protect data from satellites and space companies

In the last four years, NASA’s space agency has been exposed to cyber attacks more than once: hackers have carried out 6,000 attacks on satellites, with 1,785 attacks in 2020 alone. Some hacks, such as kinetic and electronic hacks, are easy to detect. Kinetic weapons can carry out a direct attack on a satellite or ground station. Non-kinetic – lasers, powerful microwave weapons, electromagnetic pulses – cause damage without physical contact with the target. Such attacks are performed at the speed of light and are almost invisible. Electronic intrusion is the interruption of communication by interfering with the radio frequency signals that space systems use to transmit data. Jamming is an affordable type of attack, as many devices are inexpensive. But it is also the simplest form of hacking, as the signal eventually returns to normal.

Cyberattacks are much harder to detect. This is one of the most serious forms of intrusion at the moment, which can manipulate, corrupt data and disable devices. During 2019-2020, the number of cyberattacks against NASA increased: within the space agency, this is attributed to the neglect of security rules – downloading of pirated software and materials – the frequency of intrusions for this article increased by 343%.

The number of cyber attacks against NASA has increased since 2017

The number of cyber attacks against NASA has increased since 2017

(Photo: NASA’s Cybersecurity Readiness Report)

Under conditions when people want to get closer to space travel, outer space is in principle vulnerable. Now it is already a powerful international infrastructure with a lot of investment. The space industry is one of the most innovative: it concentrates on almost everything related to modern satellite communications systems, which can be revolutionary in terms of Internet accessibility and improved navigation systems. In addition, satellites often store sensitive data that is in an international race. It is also important to understand that satellites are controlled entities, and if hackers gain access to the systems that control their movements, this can have serious consequences, up to redirection, collisions and even relocation to the International Space Station.

Why space becomes vulnerable to cyber threats

To date, there are almost no documents in the field of space that could clearly regulate security issues within the framework of outer space. The main “space treaty”, concluded between the United States, Britain and the Soviet Union in 1966, says nothing about cyberattacks: it only addresses issues related to the ban on the use of weapons, including nuclear weapons, in Outer Space.

In England, “Space Law” has been in force since 1986, 2018 “Space Industry Law” was added to it. Both laws mainly support the obligation of anyone who travels or launches something in space to have a license. And even if the Space Industry Act does not say anything about cybercrime, there is information about the punishment for causing damage to a spaceship and hijacking it.

In 2020, Donald Trump, then President of the United States, signed the Memorandum on Cybersecurity in Outer Space. It notes the basic principles for protecting space equipment from cyber threats. For example, as noted in the memorandum, it is important to build systems so that all attacks can be responded to quickly, even if the equipment is too far from the ground.

For NASA, the threat is that the agency has more than 42,000 data objects in the public domain, in addition, there are about 3,000 websites with information about missions. For other companies, the financial side of cyber defense is a priority. In fact, in the face of market dominance competition, companies are forced to accelerate the development of equipment and systems, as well as reduce costs. For the most part, small businesses like CubeSat are delighted with this: without spending money on development, they use ready-made materials and programs that are public. It is quite easy for hackers to break into such devices. In addition, the launch of a satellite is a team effort and often the interaction between several organizations at the same time, which also increases the risk of invasion due to the large number of contractors.

It should also be remembered that in order to reach space and the data it stores, hackers do not have to try to get directly into space. The units are controlled from the ground, which means that you need to protect the systems that are in observatories and space stations.

Leave a Comment