Overview of Threats to U.S. Space Industry in 2021

Written By Alex Ebrahimi, Jake Watkins, Ryan Christensen June 24, 2021

As the landscape continues to shift for large companies and small start-ups alike in space, the threat of a cyberattack in space continues to loom. These threats range from weaknesses in the supply chain to poor cyber hygiene. The vulnerabilities in our space and cyber systems leave room for state, non-state, and criminal actors to pose a threat to the integrity of our space infrastructure and national security.

Threats and Vulnerabilities

Software Patching, Weak Encryption, and Use of old Information Technology

Patching software in the space environment has been inconsistent despite modern satellites and spacecraft having the capability to accept software patching. However, when utilizing old equipment and weak encryption techniques, the threat of malware infection increases.

For example, Triton, an extremely destructive malware, has the ability to give the hacker access and full control over what are thought to be obscure and hard-to-crack targets. Triton was used in a hack of a petrochemical plant in Saudi Arabia in the summer of 2017 that allowed hackers to take full control over the plant’s safety instrumented systems. This example is crucial in driving home the point that weak encryption and old equipment in space leaves spacecraft and satellites susceptible to attacks like this one. Having vulnerable software and hardware gives hackers the upper hand, as it provides them with more opportunities to exploit.

Supply Chain

Between the constraints that the pandemic placed on the supply chain, and systems being constructed of thousands of components manufactured both within and outside of the U.S., the vulnerabilities of space systems increase. Small to medium-sized organizations “lack adequate resources or rely on potentially vulnerable sources for product development."

An example of this includes some CubeSats that integrate COTS products with open source software “which could introduce vulnerabilities into inter-connected military and government environments.” Another example of this supply chain threat is the ongoing hacking campaigns of supply chain software providers; the FBI alerted U.S. companies that “hackers are attempting to infect upstream companies—particularly those in the energy sector.”

Human Element

According to Verizon's "2021 Data Breach Investigations Report," 85% of breaches had a human element. The human element is a broad and vague vulnerability that encompasses any attack that involves a social action such as phishing, lost or stolen credentials, or even malware that has to be clicked to download. From end-users to industry leaders, everyone has the potential to make a mistake in use or in preparation. For example, security leaders may struggle to communicate their organization’s risk profile to the board of directors. Programmers may not be able to avoid functional bugs and security risks while operating under tight deadlines. End-users may make mistakes by clicking on a malicious link in a phishing email or fall prey to sophisticated trickery.

Solutions

After over a year of digitizing business and daily life throughout the COVID-19 pandemic, adapting to cybersecurity demands in 2021 and beyond has become all the more apparent. Prioritizing cybersecurity begins with prioritizing an educated and nimble workforce who can understand and navigate the threats they collectively face. Unfortunately, education is not enough to prevent a catastrophic attack and a well-protected infrastructure is absolutely necessary. A common strategy to springboard any internal cyber strategy is known as “defense in depth” which includes separating assets and networks an organization maintains such that there is no single point of failure an attacker can leverage to move laterally through a network or database. In order to prevent less sophisticated threat actors from crippling infrastructure or compromising data, modern anti-virus solutions provide basic computer hygiene and easily fend off known malware signatures from taking hold. In sum, when cybersecurity is appropriately prioritized, it is given the resources it needs to operate effectively. In planning for the future, prioritizing security in the DevOps cycle is critical for mitigating future vulnerabilities. Prioritizing security in this sense can include everything from teaching engineers to consider how the code they write could be compromised to breaking through silos to increase open communication between programmers and the security teams.