As there are more and more satellites in orbit around the Earth, cybersecurity specialists met by France 24 fear that these constellations will become a new playground for cyber warfare or computer crime. The conflict in Ukraine was one of the first demonstrations of this.
The Russian invasion of Ukraine has had an impact, from Kiev to the UN halls and even … the space. On February 24, when Russian President Vladimir Putin declared war on his Ukrainian neighbor, the KA-SAT satellite was taken out of operation by a cyber attack. Consequence: No more satellite internet for the whole of Europe – thousands of French people used it – and 6,000 wind turbines in Germany had to be shut down because they were remotely controlled by a satellite connection.
“This could be a turning point for computer security in space,” repeated Mathieu Bailly tirelessly since then, Vice President of Cysec, a Swiss company for sensitive data security. Like him, many of them in this attack saw “a Pearl Harbor moment for the space sector” or “9/11 in space” during Cysat, the conference on security issues in space, which took place in Paris on Wednesday 6 and Thursday 7 April.
The room is full of satellites
“It is true that this is the first time that a computer attack on a commercial satellite in space has been made public,” recognizes Xavier Mehrenberger and Aris Adamantiadis, two computer security consultants who are also part of a team of “ethical” hackers. tasked with testing the reliability of a European Space Agency (ESA) satellite.
The scenario of the space becoming a new frontier for cyber warfare or cybercrime is what industry professionals fear. “Between military satellites, civilian missions and even constellations of commercial satellites, there are a lot of space assets to protect,” emphasizes Nicolas Chaillan, a French serial entrepreneur based in the United States who was the first person in charge of software security for the US Air Force and Space Force between 2019 and 2021.
Low Earth orbit (up to 2,000 km above the Earth) truly creeps with satellites. There are nearly 8,000, more than half of whom are Americans (about 4,400). And Elon Musk, head of SpaceX, sometimes launches more than 200 satellites a month.
So many potential goals. But for whom? In fact, it is difficult to know whether the hacking of the KA-SAT satellite, which the United States attributes to the Russians, is an exception or just the tip of the iceberg of space. During a conflict, one of the warriors may find it sensible to attack a satellite, especially if “as seems to have been the case with KA-SAT, it was used by the Ukrainian army to communicate”, Thomas Girard emphasizes , responsible cybersecurity for CS Group, a French defense and space critical infrastructure management company.
The threat comes mainly from state actors
But in peacetime? The few precedents indicate that cyber spies may be interested in the communications passing through these spacecraft. Thus, in 2018, France suspected Russia of trying to spy on the French-Italian satellite Athena-Fidus. “As it quietly continued its rotation over Earth, another satellite [russe] approached him closely (…). So close that we really could have thought he was trying to intercept our communications, said Florence Parly, Secretary of Defense at the time.
For Nicolas Chaillan, “Chinese cyber spies have long been interested in the space industry to regain American know-how.” “We are not aware of it, most of the time these attack attempts are classified,” assures this former collaborator from the U.S. Department of Defense, as campaigns for greater transparency about computer attacks in space. “to raise awareness of the urgency of an urgent need to better protect ourselves”.
Computer warfare in space therefore appears above all to be a state affair. Specifically, “in the 1980s and 1990s, there were hobby hackers who were interested in the challenge of hacking into something new like a satellite, but from the late 2000s, state actors really started investing resources in them because the data that passed through these spacecraft became more and more strategic, ”explains Adrian Nish, Director of the Cyber Division of BAE System, the UK defense and aerospace giant.
It is not only satellite communications that may interest a computer hacker in the state’s salary. “If someone succeeds in disabling the GPS satellites, it would be catastrophic,” Nicolas Chaillan emphasizes. “Most of our opex [opérations extérieures] is based on satellite geolocation information “, specifies Julien Airaud, Head of Cyber Security at the National Center for Space Studies (CNES).
Satellite imagery is also a strategic issue. “What would happen if someone fiddled with the satellite imagery that allows you to locate a target or see the situation on Earth?” asks Thomas Girard, from CS Group. Satellite images of the Russian mobilization at the Ukrainian border have been used extensively to measure the impending Russian offensive. A hacking of these resources could have changed the face of the conflict.
And tomorrow cybercriminals?
This is why most countries – such as France and the United States – consider space as a vital sector that needs to be protected as a critical infrastructure.
Hacking a satellite is also not within reach of the first hacker to come. “You need to understand the protocol used to configure the satellite, that is, know how to ‘communicate’ with the interface,” explains Aris Adamantiadis, the IT consultant who tested the reliability of an ESA satellite. . That’s why cybercrime gangs are keeping their feet on the ground for now. “It’s much easier to implement ransomware or steal bitcoins than to hack satellites, and it still brings in a lot of money,” sums up Adrian Nish.
But computer security against these threats on Earth will improve. Cybercriminals may then be tempted to turn their attention to the stars as more and more start-ups want to enter this potentially lucrative satellite market and “to win this race, some are tempted to cut corners. In terms of cybersecurity”, regrets all the experts interviewed by France 24.
“The biggest risk comes from the supply chain, from the proliferation of intervening suppliers and subcontractors, and not all of whom have the same maturity in terms of cybersecurity,” emphasizes Julien Airaud, of CNES. Small commercial satellites today contain components that are mass-produced by different companies, while the launch in space can be performed by one company and the satellite control interface is supported by another.
Then it is enough for a hacker to find a fault in one of these service providers to get to the satellite. This is what happened to the KA-SAT satellite. The assailants contented themselves with attacking the ground control system, which made it possible to recover the data sent by the satellite.
In fact, what has happened to all the other innovation sectors is happening with space. “Initially, entrepreneurs think that cybersecurity is optional and that there will always be time to take care of it when problems arise. But with space, it is not that easy,” warns Nicolas Chaillan. In fact, if it’s relatively simple to fix a security flaw in a program on a computer on the ground, it’s still a few sleeves to go and do it on a satellite.