Space is the next cybersecurity frontier
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Annelise Capossela/Axios
U.S. officials are increasingly turning their attention to how best to keep spies and hackers out of the country's space systems — especially as private industry continues to play a bigger role in their development.
Driving the news: Intelligence officials issued a warning Friday that foreign spies could be targeting commercial space firms.
- The advisory — which came from the National Counterintelligence and Security Center, the FBI and the Air Force — says adversaries could target these companies to siphon intellectual property, collect sensitive data related to satellite payloads, or exploit supply chain dependences.
- However, the two-page advisory doesn't identify what inspired the warning or which countries are likely to be behind these attacks.
The big picture: U.S. officials have long worried about how to properly secure the growing space industry, especially as more private space companies take on missions of national significance.
- The space business — which is set to become a $1 trillion industry by 2030 — is about more than just the flashy, headline-grabbing trips that bring humans out of Earth's orbit.
- Many fields, including agriculture, health care, transportation and energy, rely on satellites to provide crucial GPS coordinates, relay critical communications, predict the weather and more.
Threat level: Securing these companies and their infrastructure is a multifaceted problem that involves keeping hackers not only out of satellites in orbit, but also out of base stations and internal company networks.
- Government officials' visibility into these networks has gotten cloudier as the industry privatizes — giving executives like Elon Musk, who founded SpaceX, an outsize role in national security.
- Meanwhile, U.S. prosecutors and companies have already identified suspected space-related espionage campaigns from Russian and Chinese nationals in recent years.
Catch up quick: Last week's U.S. advisory is just the latest in a recent string of cyber exercises focused on the space industry.
- A hacking team received $50,000 last week after it won the first-ever "capture the flag"-style hacking competition involving an actively orbiting satellite at the DEF CON conference in Las Vegas.
- The Office of the National Cyber Director has held White House forums and other meetings across the country this year focused on securing space systems.
- Former congressional policy advisers have also called on the Cybersecurity and Infrastructure Security Agency to designate space an official critical infrastructure sector — which could unlock new security resources and funding potential for the sector.
Zoom in: Much of Washington's interest in space security notched up after Russian hackers targeted American satellite company Viasat an hour before invading Ukraine in early 2022 — providing a vivid example of how consequential space-related hacks can be.
Details: Securing satellites and other physical space systems faces many of the same challenges as securing other critical infrastructure systems: You typically need physical access to the equipment to make software upgrades.
- Satellites especially are designed to orbit the Earth for years, and the tech stacks they rely on can easily become outdated or riddled with new security flaws during that time.
The bottom line: Many of the same nation-state espionage and hacking fears that plague much of the U.S.' critical infrastructure — from water systems to hospitals — are playing out in the Earth's orbit too.
Be smart: The intelligence community recommends that private space companies rely on security logs to detect anomalous activity, develop programs to detect insider employee threats, and create security plans specifically to protect companies' "crown jewels."
Sign up for Axios' cybersecurity newsletter Codebook here
