Introduction
Since the historic launch of the Soviet Sputnik 1, satellites have become a vital component of Critical Infrastructure (CI), transforming how we communicate, gather data, and understand the world around us. These artificial objects orbiting our planet have been deeply integrated into the public and private domains, for the use of earth observation, communication, navigation, and even national security. Therefore, it comes to no surprise that satellites are a prime target for malicious actors such as insiders, hactivists, terrorist groups, cyber criminals and nation-states.
A recent example of this phenomenon is the October 7th, 2023 terrorist attack when the Harakat al-Muqawama al-Islamiya, otherwise known as the Hamas Islamic Resistance Movement carried out a jamming attack on the Israeli Global Positioning System (GPS) signals, surpassing the it’s technological capabilities [1]. Military organizations heavily utilize GPS for Positioning, Navigation, and Timing (PNT), enhancing precision in military operations and facilitating efficient transportation and communication. Up to this point, the system’s inadequate resilience to operate or recover from the distruption, has resulted in fatality of over 1,300 lives among both Israelis and Palestinians [2]. While this is just one example, concerning security, it’s not uncommon to encounter satellite exploitation incidents due to their significance, which can result in damage to both tangible and intangible assets.
The following blog article introduces satellite systems security to cybersecurity students in a manner that remains coherent, even when discussing complex concepts like orbital mechanics, space engineering, and ethical hacking. By the end of the blog article, cybersecurity students will have a brief idea of the current state of satellite systems security in research and problems associated with the current trends from a technological, legal and ethical point of view.
From Inception to Present
In 1957, the launch of Sputnik 1 marked a pivotal moment as the first satellite to be launched into space. Its primary and only mission was to transmit signals to Soviet ground stations [3]. Unsuprisingly due to the cold war, this achievement intensified the competition between the polar opposite, United States and the Soviet Union. As noted by James Pavur, a security researcher at The University of Oxford, three years later, in 1962, a pivotal moment in the history of satellite security took place during a U.S. congressional hearing [1]. This act, signed by President John F. Kennedy, deliberated the inclusion of private enterprises in space activities under the Communications Satellite Act 1962, otherwise known as “ComSec”, expanding commercial communication satellite operations in the United States. From a historical standpoint, this event is a direct consequence of the contemporary space industry, often denoted as ‘New Space.’
As of today, unlike the United Kingdom and the European Union, the United States does not classify satellites as part of Critical Infrastructure [5] even noting that in 2023, more than 8500 active satellites were recoded orbiting our planet, supporting a market value of around $383 billion [1]. Satellite related activities currently contribute £370 billion to the United Kingdom (UK) economy, which is around 17.7% of the UK’s GDP [1]. Satellites, mainly utilized for communication and categorized as Low-Earth Orbit (LEO), comprise 80% of the satellites, underpinning a wide range of services. This includes delivering over 100 Terabytes/Second of global internet capacity and broadcasting media content to an audience of more than 100 million customers [2]. To gain an indepth understanding of the contemporary challenges from a technical standpoint, it is imperative to firstly grasp the fundamental structures at play.
Space Systems: Structure
Satellite systems, can be broadly divided into three main focuses.
-
- Satellites, orbiting at a defined distance from Earth. Satellites can be defined numerous ways, however, for the purpose of this blog article, adopting the definition from the Oxford Dictionary is the most suitable, which states that satellites can be described as ‘an artificial object placed in orbit around the Earth or another planet for the purpose of collecting information or facilitating communication‘. [6] It is therefore noted that scientifcly utilised interplanetary probes are out of the scope of this specific blog article.
- Ground Stations, typically situate at a specific locations on Earth and part of the wider communication terrestrial systems. Since there is no suitable definition for ground stations, they will be defined as ‘facilities within the ground segment used for simultaneous communication, data sensing, and transmission to satellites’.
- Radio Frequency (RF), commonly referred to as the Uplink/Downlink, situated between the ground station and the satellite. In essence, it is the signal or frequency that connects the ground station and satellite together [refer to fig. 1].
Although one may be easier to exploit than the other, it’s concerning that all three components lack comprehensive industry research and security sector solutions. This is particularly worrisome considering that even leading entities in the United States, such as The National Aeronautics and Space Administration (NASA) in the public domain and Space Exploration Technologies Corporation (SpaceX) in the commercial domain, have not significantly fortified this niche. To establish a theoretical, and technical foundation for the underlying complex mechanisms of these components, the following subsections cover some of the cybersecurity, physics and engineering concepts associated with satellites.
Satellite and Ground Station Systems
Modern space systems are generally complex and multifaceted and may require decades of expertise in the field to understand how they interconnect, however ground stations may be closely represented by Figure 1. Many ground stations utilise widely available hardware such as Software Defined Radios (SDRs) which are used to communicate with flyby satellites. AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adleman), Diffie-Hellman Key Exchange for encryption.
One of the challenges associated with the existing satellite systems is the high saturation of bespoke systems, including the use of Commercial Off-The-Shell Components (COTS) [4]. With this in mind, it is, therefore, it is hard to standardize the layout and the architecture of satellites. Regardless of this issue, the following diagram provides a general overview of the most common utilised hardware used within to demonstrate the generally required knowledge of satellite systems for cybersecurity experts.
Modern satellites rely heavily on software for critical functions, particularly within the Command and Data Handling (C&DH) systems and the Attitude and Orbit Control System (AOCS). The AOCS is fundamentally responsible for calculating and maintaining the satellite’s “Position, Time, and Attitude,” processing complex sensor data to adjust thrusters and reaction wheels. Because these components utilise embedded operating systems, they are vulnerable to traditional software exploits. To mitigate these risks, the aerospace industry is increasingly looking toward partitioned, microkernel-based architectures, such as SpaceOS or other secure Real-Time Operating Systems (RTOS). These specialised systems enforce strict isolation between critical flight controls and less secure payload systems, ensuring that a compromised commercial component cannot cascade into a total loss of vehicle control.
Enviromental Challenges
Operating in the harsh environment of space introduces severe physical challenges for satellite systems. Spacecraft are constantly subjected to intense cosmic radiation and ultraviolet (UV) energy. Because the energy of these UV radiation waves is often higher than the organic chemical bond energy that holds materials together, satellites experience severe corrosion, decomposition, and material fatigue over time. Furthermore, without an atmosphere to regulate heat, satellites endure massive temperature swings depending on whether they are facing the sun or shaded by the Earth, necessitating complex thermal management systems to prevent hardware failure. Finally, the microgravity environment requires highly specialized engineering for moving parts, fluids like propellants, and overall structural integrity, significantly complicating both the design and the physical resilience of the system.
Technological Challenges
From a technological standpoint, satellites operate under strict Size, Weight, and Power (SWaP) constraints. Because they rely heavily on limited energy sources like solar panels and batteries, implementing resource-heavy, modern cryptographic protocols is often unfeasible. This limitation frequently leaves them dependent on older, lighter, and potentially vulnerable encryption methods. Additionally, as orbits become increasingly congested, the threat of physical collisions with other satellites or space debris has emerged as a severe technological hurdle. This congestion requires constant monitoring and fuel-consuming evasive manoeuvres, which further strains the satellite’s limited onboard resources and complicates its overall operational security.
Space Systems: Types
Geosynchronous (GEO) satellites are positioned approximately 35,786 kilometres above the planet’s surface. This specific orbital distance allows these satellites to complete one orbit in precisely 24 hours, keeping them in a fixed position relative to Earth. This synchronization is possible because their orbital velocity (speed) matches Earth’s rotation. A minimum number of three GEO satellites is required to cover the Earth’s surface effectively. They are primarily utilized for various applications, including telecommunications, broadcasting, remote sensing, and navigation.
Medium Earth Orbit (MEO)
Medium Earth Orbit (MEO) satellites operate beneath GEO but above LEO, typically with orbital periods ranging from 2 to 24 hours. This orbital regime is highly favored for navigation and communication systems, notably housing the Global Positioning System (GPS) and China’s BeiDou network, which are designed to be intercompatible. To establish a continuous, basic functional network around this orbit, a minimum of six interconnected satellites is required, striking a balance between the broad coverage of GEO and the low latency of LEO.
Low Earth Orbit (LEO)
Low Earth Orbit (LEO) satellites operate much closer to the Earth’s surface, typically at altitudes between 200 and 2,000 kilometres, completing an orbit in just 1.5 to 2 hours. Due to their proximity, LEO satellites offer incredibly low latency, making them the most heavily utilized orbit for modern communication and internet services. However, their lower altitude means each satellite covers a relatively small geographic area, necessitating massive constellations and highly complex ground networks to ensure continuous coverage. Furthermore, the atmospheric drag at these altitudes significantly shortens their operational lifespan, requiring them to be replaced quite often.
Satellite Networks
Understanding orbital types naturally leads to the concept of satellite networks or constellations. The Iridium constellation, for example, operates in LEO and consists of numerous satellites positioned at similar distances from one another, utilizing inter-satellite links to create a continuous global mesh. Conversely, the GPS constellation operates in MEO; it requires fewer satellites than a LEO constellation but relies on a highly optimised orbital arrangement to ensure precise signal transfer times and redundant global coverage.
Current Day Problems
Before delving into the intricacies of current day problems, it is important to acknowledge the issue from a broader perspective. Satellite system security is an inherently multifaceted field of cybersecurity, demanding professionals to possess high-level expertise encompassing both engineering and physics. This implies that professionals already established in the industry, who wish to get involved in this specialized domain, may need to undergo additional training and academic studies in the fields of engineering and physics.
From a cybersecurity perspective, the confidentiality, integrity, and availability (CIA) Triad stands as a foundational concept. However, it is worth noting that the CIA Triad does not inherently safeguard cyber-physical systems such as satellites. In simpler terms, Operational Technology (OT) security is distinct from traditional Information Technology (IT) security, which primarily concerns data protection. Professor Christopher Hankin, the Professor of Computing at Imperial College London, delved into this topic from a different yet closely related perspective during one of his initial lectures to the 2023/24 MSc Security and Resilience program students.
“Operational Technology security is concerned with the protection of the systems processes against unathorised access. In contrast to Information Technology security, which is concerned with protecting data against unathorised access.”
– Professor Christopher Hankin, Professor of Computing
Technological
The first technological security challenge associated with the existing satellite systems, is the high saturation of bespoke systems, including Commercial Off-The-Shell Components (COTS) [4]. With this in mind, it is hard to standardize the layout and architecture of satellites. Systems security experts such as Greggory Falco from John Hopkins, James Pavur and Ivan Martinovich from The University of Oxford have already raised these issues as early as 2021. However, the probem is approached by changing the current technologies as they are. The problem with this approach is that retrofitting solutions are expensive. Considering the future of satellites, especially those categorized as LEO, will likely be involved in smart cities, autonomous vehicles and upcoming advancements such as 6G.
“Retrofitting is inefficient and cost-worthy. Inculcating security and resilience by design however, is a better approach.”
– Proffesor Washington Yotto Ochieng, EBS, FREng, Director of The Institute for Security Science and Technology.
The second technological challenge associated with satellite systems is their vulnerability as single points of failure. In simpler terms, if a nation-state attacker gains access to the ground station, which controls the flight and payload control computer, and proceeds to transmit signals to the satellites, these satellites will inherently trust whatever they receive from the ground station. Alternatively, if the attacker sends a stronger signal to the satellite, effectively overpowering the legitimate communication, the satellite will still trust the stronger signal. A recent example of a buffer overflow vulnerability which was exploited in satellite security was the demonstration during the DEF CON “Hack-A-Sat” competitions, where security researchers successfully used a buffer overflow to bypass access controls, gain root access, and effectively hijack a satellite’s telemetry and command systems.
Legal
The legal framework surrounding space is notably complex and ambiguous, primarily due to the foundational principle that there is no sovereign ownership in space. Governed largely by the 1967 Outer Space Treaty, space is considered the province of all mankind. This lack of jurisdiction severely complicates the “collision problem.” If a cyberattack on a commercial satellite causes it to alter its trajectory and physically collide with another nation’s critical military asset, determining liability, attribution, and whether the cyber-physical event constitutes an act of war remains a massive legal grey area.
Ethical
From an ethical perspective, the rapid commercialisation and deployment of mega-constellations have exacerbated the issue of space debris, effectively turning lower orbits into heavily littered environments. This extreme congestion in LEO raises significant ethical concerns about sustainability and the heightened risk of the Kessler Syndrome—a theoretical scenario where a single collision triggers an uncontrollable cascade of debris, rendering Earth’s orbit completely unusable and dangerous for future generations.
Credits and References
[2] https://ora.ox.ac.uk/objects/uuid:11e1b32a-8117-46b1-a0ce-9c485221d112