Search This Blog

Powered by Blogger.

Blog Archive

Labels

How Hackers Launched an Attack on European Spacecraft

The ESA challenged experts working inside the ecosystem of space sector to hinder the operation of the ESA's "OPS-SAT" demonstration nanosatellite.

 

Space warfare is unavoidable, and the space ecology must be ready at all times. The European Space Agency (ESA) issued a challenge to cybersecurity specialists in the space industry ecosystem to interfere with the operation of the ESA's "OPS-SAT" demonstration nanosatellite in a capability demonstrator during an annual event on cybersecurity for the space industry. 

The system that controls the payload's GPS, altitude control system, and onboard imaging sensor was to be taken over by cybersecurity specialists utilising a variety of ethical hacking techniques in this challenge.

The goal was to determine how unauthorised access to these systems could result in the satellite losing control of its mission or sustaining serious harm. 

What happened during the challenge

This unusual exercise, which emphasised the need for a high level of cyber resilience in the extremely specific operational environment of space, was conducted by Thales' offensive cybersecurity team in partnership with the Group's Information Technology Security Evaluation Facility.

Thales' four cybersecurity professionals got access to the satellite's onboard system, seized control of its application environment using standard access rights, and then exploited various holes to inject malicious malware into the satellite's systems. 

This enabled other purposes, such as masking specific geographic regions in satellite photography while concealing their actions to avoid detection by ESA. This also made it possible to compromise the information sent back to Earth, particularly by modifying the photos captured by the imaging sensor of the satellite. 

The main goal of the exercise was to aid in assessing the impacts and consequences of a real cyberattack on space systems. ESA has access to the satellite's systems during the exercise to maintain control and ensure a return to normal. 

Cybersecurity issues and their solutions 

Space technology has been created from the beginning with both military and non-military applications in mind. The challenges in this scenario include: 

  • Maintain mission continuity by protecting all space resources. 
  • To guarantee space system resilience notwithstanding any cyber vulnerabilities. 
  • Recognise and respond to any threats that may originate in the ground or space. 
  • Comply with all space security certifications, rules, and regulations. 

Depending on how a spacecraft is used, cybersecurity challenges necessitate suitable answers for a secure environment, including a secure satellite control centre, mission control centre, and IT infrastructure. These satellites are incredibly intricate. Thus, each component is produced in collaboration by a number of manufacturers. 

Launching the satellites into orbit is a difficult operation that involves multiple companies. Even once the satellites are in space, the companies that own them frequently hire other companies to handle their day-to-day management. Since there are more vendors, the vulnerabilities increase. 

An overview of hack

When hackers took over the American-German ROSAT X-Ray satellite in 1998, this scenario received attention. By hacking into computers at the Goddard Space Flight Centre in Maryland, they were able to achieve their objective. The spacecraft was then instructed by the hackers to direct its solar arrays directly towards the sun. 

This effectively rendered the satellite unusable by destroying its batteries. The retired satellite eventually landed on Earth in 2011. In the same way that the UK's SkyNet satellites were taken over by hackers in 1999, satellites may similarly be held hostage by hackers in exchange for a ransom.

Over time, there has been an upsurge in the likelihood of satellite cyberattacks. In 2008, two NASA satellites were allegedly totally controlled for two minutes on one and nine minutes on the other by hackers, most likely from China.

In 2018, it appears that a different group of Chinese state-sponsored hackers carried out a sophisticated cyber operation targeting satellite operators and defence companies. Similar attacks have also been tried by Iranian cyber groups.

Developing resistance

There are many anti-satellite weapons, such as missiles, lasers, microwaves, and space robots, but they are expensive, only accessible to a few countries, easy to track, and likely to produce debris that is dangerous for all space users. 

However, many countries can afford cyber weapons, which are very challenging to trace. 

China has developed a new cyber defence system that can automatically find security flaws in satellites in orbit. A space cyber fighting brigade called Space Delta 6 has also been developed by the US Space Force.

Some analysts anticipate that in the following years, the number of satellites in orbit will double, with many of them providing commercial services like Internet and communication. In order to maintain order in space, regulatory frameworks are urgently needed.
Share it:

Cyber Security

European Spacecraft

Nanosatellite

Space warfare

Threat Landscape