cyber-attacks169

Cyberattacks on Satellites

An Underestimated Political Threat

Walter-Peeters

Author

Walter Peeters

LSE IDEAS

Cyberattacks have traditionally been associated with ransomware, wherein hackers  attempt to breach records, releasing them back only after payment of a ransom. In order to give an idea of the impact  these kinds of attacks, an official UK source registered eighty-three data breaches in February 2022 alone, with over five million records at risk [1]. Just before the conflict in Ukraine, an increased number of such attacks were registered targeting Ukrainian banks and government institutions in the second half of February 2022.

Ukraine had already become a victim of a nation-wide attack dubbed 'NotPetya’s', which was one of the most devastating global cyber-attacks to date, and it is still unclear who was responsible for it [2]. Ukraine was hit hardest by this attack, with 80% of the overall infection, which we can surely correlate with the later events in that region. The attack blocked Ukrainian government agencies, banks, and airports from providing their digital services and operations. The worm then spread beyond Ukraine, unintentionally causing damage to hundreds of companies in over sixty countries, with financial losses estimated at 10 billion USD. Global financial losses due to cyber-attacks in 2021 are estimated at 6 trillion USD [3]. If inflicted because of political, ethnic, or personal conflict, the question remains what safety measures there are against a sophisticated group of hackers that aim to shut down assets.

Using cyberattacks for political reasons is not a new phenomenon. The use of STUXNET malware in 2010 against Iranian centrifuges, causing them to delay the enrichment of Uranium for military purposes, was one of the first reported cases on how cyberattacks could be used for policy purposes. While ransomware is mainly distributed via terrestrial networks, the threat of cyberattacks on satellite systems has become increasingly real. As a recent example, SpaceX became aware of the jamming of their Starlink terminals they delivered to Ukraine in March 2022, and considerably reinforced cybersecurity [4].

In this context, it is worth mentioning that cybersecurity matters have been raised between US President Joe Biden and the Russian President Vladimir Putin. The Russian government stated that they support cooperation between the two countries in the cybersecurity domain “with respect to international law” [5]. As far as military aspects are concerned, studies emphasise the dependence of modern weapons systems on accurate navigation systems. We need to add to this the enormous need for bandwidth capacity for military purposes, which is exponentially increasing due to the use of drones. Therefore, it is not surprising that military tactics are increasingly targeting procedures for a warfare scenario based upon limited space data support [6]. Indeed, military commanders have stated that “We developed an overdependence on high-bandwidth communication systems and the contractors required to run them.” [6]. As an answer to this, large-scale training exercises with degraded GPS capabilities have now been regularly introduced.

Besides military dependancy, economies are also relying increasingly on space data. It is evident that with a rising dependency of GNSS[1] for autonomous transport means and collision avoidance systems, these economic aspects of space technology cannot be ignored. In order to learn more about the perceived threats for satellites, a survey was made addressing space experts in  the fields confronted with these threats. This study led to the conclusion that, from a point of view of satellite experts, global cyberattacks were considered as the highest risk to influence, and even block, data from our existing in-orbit infrastructure [7].

Several countries are looking into counter-space capabilities that include electronic methods. Compared to anti-satellite (ASAT) capabilities, an interference with a satellite through a cyber-attack can be conducted in a way that is cheaper, faster, and more difficult to trace [8]. Cyber-attacks on satellites are often related to accessing the satellite system via ground stations. Several attempts, often considered by cyber-experts as experimental tests and preparatory, are known but not widely reported by satellite operators for obvious commercial reasons.

In contrast to military satellites which are commonly designed so that the security aspect is  taken into account, commercial satellites are more vulnerable to attacks because of a lack of awareness and implementation of security. Often, manufacturers of satellites use off-the-shelf technology to make the costs more reasonable. Some of these components can be screened by hackers for vulnerabilities in open-source technology and software. The ground stations that control satellites are often run on computers with softwares that are vulnerable to potential attacks from hackers. Therefore, cyberattacks on commercial satellite systems providing services to the economy are equally important as attacks on military satellites, although this impact is not as widely considered and reported.

In the case of such a cyberattack, besides the direct replacement costs of the satellites, there is no doubt that collateral damage will be even more important. Indeed, many operations and systems will not be able to operate without space data (and we need to point out that in the future, with drones and autonomous driving cars, this will become exponentially more complex).

An absence of navigation tools will be invasive in several sectors, such as:

-        In aviation, for monitoring positions of aircraft and satellite-based augmentation systems

-        Railroad train pacing systems for cruise control, positive train control to keep track of train location and movement authorities

-        In marine transportation, for navigation, collision avoidance, communications, and situational awareness

-        In vehicles, with handheld and embedded devices for navigation and fleet management.

But the most invasive economic effect will result from the sudden unavailability of timestamps. Indeed, precise timing and time synchronisation, and frequency coordination (syntonisation) is used most notably in broadcasting and communications, including both cell phones and traditional telephone applications and the internet, so packets arrive at the same time in financial services for timestamping transactions. In fact, the whole financial system will collapse within hours as it is based upon these timestamps, followed a few hours later by a breakdown of power grids, which are also driven by this precise synchronisation.

Based upon a previous study [9], which assumed zero space data without any warning (irrespective of the probability if this can indeed happen), we could imagine the following timeline as per tables 1 and 2, whereby T0 is the moment that all satellites would stop working:

Table 1: immediate consequence of a global shutdown (adapted from [9])

T0

-        All flights grounded, trains stopped, massive traffic jams (suddenly no GNSS signals)

-        Delayed intervention police/ambulances/fire brigades (no GNSS)

-        Cash-dispensers stop working (GNSS controlled)

T+ 2hrs

-        Stock markets drop considerably

-        Congestion terrestrial communications and remote access (oceanic/polar) interrupted

T+ 7hrs

-        News agencies and energy companies hit

T+ 11hrs

-        No thunderstorm/hurricane/natural disaster warnings anymore

T+ 1 day

-        Government limits public access to give priority to crisis communication

-        No public access to social media

T+ 2 days

-        Financial transactions stop (no timestamp)

-        Breakdowns of power stations (uncontrolled overload)

T+ 3 days

-        Power blackouts (no power synchronisation)

-        Food and temperature sensitive medicaments affected

T+ 4 days

-        Food supply chain starts to break down

-        Panic buying of food, plundering

T+ 5 days

-        Fresh water shortage

-        Tourism heavily affected

 

Table 2: Mid-term effects and remedial actions (adapted from [9])

T+ 1 week

-        Slow economic collapse

-        No funding transactions/no new contracts

-        ISS crew to be evacuated and ISS prepared for hibernation 

T+ 2 weeks

-        No forecasting of solar activity

-        Disrupted power grids (particularly as a result of solar storms)

T+ 1 month

-        Government will launch emergency satellites using existing military launchers  

T+ 2 months

-        Economy strongly affected

-        Communication companies bankrupt

-        Factories with complex delivery system bankrupt

T+ 3 months

-        Strategically important satellite constellations launched (military)

T+ 4 months

-        Strong public push to increase space budgets immediately!

T+ 6 months  

-        New LEO constellations operational, also for civil use

T+ 12 months

-        New GEO satellites operational

 

Table 1 shows the immediate effects. Traffic on the road relies on navigation guidance. If suddenly there is no navigation system available, cars and trucks will be completely lost, and we will witness immediately mega traffic jams, also blocking emergency services.

Other transport sectors such as trains, ships, and planes will also lose space data support. Airlines will immediately ground their fleets. In general, the absence of GNSS navigation data will cause the first major visual effect. A less obvious consequence will be linked to timestamp-based operations, which will be immediately aborted. Cash dispensers will not work anymore, and banks will be congested. Soon after, financial operations will stop, and stock markets will be affected, up to the point that they will have to be closed.

The same time-stamp effect will heavily influence power system synchronisation with increasing numbers of blackouts. In turn, this will increasingly influence transport chains of foods and medicaments. Communication channels will be affected, and the lack of news will lead to panic reactions in terms of panic-food purchasing and even plundering. Remote areas will not be reachable.

In table 2, the follow-on effects are listed. After one week, several companies will have to stop activities due to their dependency on space data and supply chains. A gradual economic collapse will occur leading to bankruptcies and unemployment, most probably leading to riots.

Depending on satellites' availability in stock (e.g., second flight models), governments will use existing launchers (mainly military) to try to restore essential functions. However, to have fully functional and operational systems will require several months, and priority will be given to launch strategically important satellites. It can be assumed that the first commercial smallsats in Low Earth Orbit will be operational before geostationary operations can be restored. By this time, the world economy will have suffered an unprecedented economic collapse, which will require years to be restored.

In conclusion, experts consider a total collapse of all satellite systems at the same time unlikely, but possible. Traditionally, two major effects were deemed potential causes for such a catastrophic scenario: a mega solar storm (Carrington effect) or a space debris chain reaction (Kessler Syndrome). A recent survey [8] informes us that experts nowadays are more concerned about another threat, namely massive cyber-attacks on satellites. Even if improbable, it is still useful to consider such a hypothetical case to analyse the effects and reflect on strategies and countermeasures.

The most significant effect is linked to GNSS systems because, in addition to reliance of modern weapon systems on accurate navigation information, these data are an integral part and a commodity of our infrastructure. An accurate timestamp is the basis for financial operations. Therefore, an absence of these data will lead to extremely dramatic supply chain situations and collapse our economic system.

 

For more information, see the author’s accompanying paper in Space Policy: An International JournalVan Camp, C. and Peeters, W., A World without Satellite Data as a Result of a Global Cyberattack. Space Policy 59 (2022).

 

About the author

Walter Peeters is Professor of Space Business and Management at the International Space University.

 

References

[1] ITGovernance, available under https://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-february-2022-5-1-million-records-breached [Accessed 20 March 2022].
 
[2] Greenberg, A. The Untold Story of NotPetya, the Most Devastating Cyber-attack in History [online] Available at: https://www.wired.com/story/notpetya-cyber-attack-ukraine-russia-code-crashed-the-world/ [Accessed 18 March 2022].
 
[3] Standage, T. (The Economist - The World in 2021), The world in numbers: industries, [Information Technology online] Available at: https://www.economist.com/the-world-in-2021 [Accessed 20 March 2022].
 
[4] Foust, J. SpaceX shifts resources to cybersecurity to address Starlink jamming. SpaceNews, March 5, 2022.
 
[5] BBC News (2021) Biden vows US actions over Russian cyber-attacks [online] Available at: https://www.bbc.com/news/world-us-canada-57786302 [Accessed 17 July 2021].
 
[6] Magnuson, S., U.S. Forces prepare for a ‘Day Without Space’ [online] Available at:https://www.nationaldefensemagazine.org/articles/2014/2/1/2014february-us-forces-prepare-for-a-day-without-space [Accessed 20 March 2022].
 
[7] Van Camp, C. and Peeters, W., A World without Satellite Data as a Result of a Global Cyberattack. Space Policy 59 (2022), 101458
 
[8] Rajagopalan, R. (2019), Electronic and Cyber Warfare in Outer Space [online] Available at: https://www.unidir.org/files/publications/pdfs/electronic-and-cyber-warfare-in-outer-space-en-784.pdf [Accessed 10 July 2021]
 
[9] ISU, Without Space, Final Report (ISU, 2019, Strasbourg, France)

 

Note: This article gives the views of the author, not the position of EUROPP – European Politics and Policy or the London School of Economics

 


[1] GNSS = Global Navigation Satellite System