A pesar de lo impresionantes que parezcan los ataques cin\u00e9ticos en los sat\u00e9lites, la mayor amenaza para \u00e9stos es el ataque cibern\u00e9tico. Un ataque de este tipo que da\u00f1e los sat\u00e9lites comerciales puede tener un impacto inmediato en la capacidad militar. El ciberespacio es el punto d\u00e9bil de las redes espaciales globales. Esta amenaza se deriva en parte del uso cada vez mayor de redes satelitales operadas comercialmente. La principal red satelital militar de comunicaciones de banda ancha de Estados Unidos refleja un modelo de comunicaciones satelitales que est\u00e1 llegando a su fin.<\/p>\n
Behind the headline-grabbing kinetic war, Russia\u2019s attack on Ukraine has put a new focus on the importance of cybersecurity and satellite communications.<\/p>\n
American satellite communications company Viasat probed an outage that impacted its coverage of Ukraine, and SpaceX deployed internet service and terminals to Ukraine, while simultaneously announcing that the company will shift resources to cybersecurity. The FBI and Cybersecurity and Infrastructure Security Agency issued a warning about the elevated risk.<\/p>\n
The stakes are high if this threat escalates.<\/p>\n
As impressive as kinetic attacks on satellites are, the biggest threat to these flying computers is from cyberattack. Such an attack that impairs commercial satellites can have an immediate impact on military capability.<\/p>\n
The fear of cyberattack on satellites and ground infrastructure has been on the minds of government users for some time. Lt. Gen. Stephen Whiting, commander of the U.S. Space Force\u2019s Space Operations Command, recently remarked: \u201cCyberspace is the soft underbelly of our global space networks.\u201d<\/p>\n
This threat stems in part from the increasing use of commercially operated satellite networks. America\u2019s primary military wide-band communications satellite network reflects a model of satellite communications that is ending. When the first Wideband Global Satcom satellite took to flight in 2007, the government and its primary contractors built every ounce of the satellites and their infrastructure.<\/p>\n
That network followed the same model as its predecessors going back to the Initial Defense Communication Satellite Program that put more than two dozen satellites in orbit from 1966-1968. The experts who recommended the program and engineers who built the systems were either members of the military or contractors carefully cleared by the government.<\/p>\n
Everyone in mission control from the top manager to the janitor was either a government employee or a trusted person with the highest clearance. That total control gave military officers responsible for command, control, and communications a strong sense of security when they made use of satellites. Also aiding that assurance was the difficulty of tampering with satellites in orbit. They were protected by physical separation from adversaries and cleared staff and facilities.<\/p>\n
All of that has changed.<\/p>\n
Beginning with the option of leasing capacity from commercial space operators, the government gained immense flexibility and cost savings. This has evolved further into procuring managed-service offerings from commercial space operators.<\/p>\n
This evolution is necessary given the explosion in bandwidth required to transmit the ever-growing mass of data for emails, voice, and video for commanders and their subordinates, plus the data from surveillance platforms like UAVs, and communications for general operations. This trend will only continue.<\/p>\n
The number of satellites in low-Earth orbit may increase by a factor of ten in just a few years. Communications dominated by a few dozen satellites will be supplemented by \u201cmesh networks\u201d of thousands of orbiters communicating with each other in addition to ground control stations. New \u201cGround Station-as-a-Service\u201d offerings further expand the population of commercial providers upon which government users can rely. But there are considerations that come with using commercial service providers.<\/p>\n
How robust is their protection of the network? The \u201cC.I.A. triad\u201d is a common model that forms the basis for the development of security systems and policies: Confidentiality, Integrity, and Availability. Satellite communications service providers generally place a lot of emphasis on \u201cAvailability.\u201d<\/p>\n
However, looking at \u201cConfidentiality\u201d in a satellite network, the government must ask important questions. Who is operating the network? Who can view locations of user terminals, configurations, and network status? How many third parties are granted privileged access to the network? Are the operators cleared?<\/p>\n
The entire approach to security and operations needs to be reexamined in light of the growing cyber threat and the large number of unvetted vendors who are part of any single service offering. The solution should start with \u201czero-trust\u201d protocols for all of the software and systems on a satellite network.<\/p>\n
Zero trust means treating all of your system components as untrusted, a software-design method that can prevent commercial service providers from monitoring government communications. Concerns over cleared personnel versus foreigners or other uncleared personnel operating the ground stations or control rooms become less of a concern.<\/p>\n
Shifting to the \u201cIntegrity\u201d leg of the triad, another fundamental component to accompany zero-trust design is the encryption of everything on a communications satellite from the data it transmits to the commands its receives and its linkages with other satellites in a mesh network. This encryption can also validate that information isn\u2019t tampered with.<\/p>\n
New innovations like distributed-ledger technology, which is used in cryptocurrency, can provide cryptographic assurance that is authentic, accurate, and reliable. Privacy and zero trust should be the hallmarks of new designs and new architectures. Since the technology now exists, it is more a matter of having the will to take a different approach to software and operations in satellite design and operations. We know the threat is real and serious. Let\u2019s build the defenses before a crisis occurs.<\/p>\n