The proliferation of commercial space industry efforts, particularly around small satellites, is creating new avenues for cyberattacks, security giant McAfee has warned.
In a technical research paper published today by McAfee’s Advanced Threat Research team in collaboration with Cork Institute of Technology, Blackrock Castle Observatory and the National Space Center in Cork, Ireland, the company outlined the threats posed to Space 4.0 – the latest, commercially driven iteration of the space industry – and in particular small satellites.
It has warned that while there has been some limited evidence of cybersecurity incidents impacting the space industry in the past, the extent has not been known due to the majority of the industry being operated by government agencies. With the proliferation of small satellites, there is likely to be an upsurge in publicly known attacks, exacerbated by the fact that the technology makes alternative attack methods more viable.
“Space security has typically been analysed from the perspective of ground segment, communications or datalink and space segment,” the team wrote.
“We need to think about Space 4.0 with a cybersecurity approach due to the increased connectivity and data, as opposed to the traditional approach of ground, communication and space segments. Cybercriminals will target the data and systems as opposed to the RF transmission layer.”
Build security in now to prevent cyberattacks, space industry warned
The team has liked the emerging Space 4.0 industry to the proliferation of the internet of things (IoT) industry, which saw new technologies and cheaper hardware prompt a proliferation of devices coming to market with very poor cybersecurity.
As a result, IoT devices have become a popular target for hackers, who have leveraged their poor security for a host of malicious purposes, including using them to form vast botnets and using them as easy access points to corporate networks.
The Advanced Threat Research team warn that if the space industry does not take steps now, small satellites that form part of Space 4.0 are likely to be similarly exposed to cyberattacks.
“This is a pivotal time for the secure advancement of Space 4.0 and we must learn from the mistakes of the past with IoT where the rush to adopt new and faster technology resulted in large scale deployment of insecure hardware and software,” the team warned.
They added that there needed to be “strong collaboration between cyber threat research teams, government, commercial and academia” in a variety of areas, including threat modelling, regulation, hardware and software design.
“There are many trustworthy building block primitives today to help secure Space 4.0, but we must leverage at the concept phase of innovation and not once a device has been launched into space,” they wrote.
“The time is now to secure our next generation infrastructure and data source.”