The space sector is facing a growing threat from nation-state cyberattacks, making it critical for organizations to know who has built every component that makes up a spacecraft.
A single compromise of one supplier could result in a disastrous incident, according to Neil Sherwin-Peddie, Head of Consulting - Central Government and Head of Space Security at BAE Systems Digital Intelligence, speaking at the CIISec Live 2023 event.
“We even look at who has supplied us with the sheet metal for outside of the spacecraft,” said Sherwin-Peddie.
The issue of supply chain security is particularly relevant to the space sector due to the significant threat of nation-state attacks to spacecraft, to harm rival countries or for cyber-espionage. This was shown by Russia’s attack on Viasat’s KA-SAT satellites in Ukraine in the early stages of its invasion of the region in February 2022.
Sherwin-Peddie gave an example of the manufacture of satellites at BAE, where the company realized the fifth party supplier of cameras they were intending to purchase was a Chinese company. As a result, these plans had to be changed as Chinese firms cannot be used due to national security concerns.
Applying Lessons from Space to Cybersecurity on Earth
The way we think about cybersecurity generally “has to be completely different for the space sector,” Sherwin-Peddie noted. However, the wider industry could benefit from some of the space-focused approaches, particularly in detection and response.
A key challenge in space is that spacecraft, such as satellites, are operating 500km away and constantly moving – “basically flying data centers above the Earth,” he added.
There is no opportunity for cybersecurity professionals to physically access the computer systems on these vessels.
Organizations like BAE have their own cyber security operations centers (CSOC) constantly monitoring these vessels to quickly identify when they are acting in an unexpected way and responding dynamically if so.
Additionally, some attacks could prevent communication with spacecraft from the ground, such as when command and control has been compromised. In these scenarios, spacecrafts must be equipped to deal with cyber-incidents themselves, and machine learning (ML) technology is playing a crucial role in achieving this, explained Sherwin-Peddie.
These tools train the spacecraft to know what ‘normal’ is, and be able to change its approach when something unusual is happening in its system, e.g. memory usage.
Sherwin-Peddie argued that cyber professionals generally would be well-served utilizing such principles into their own work.
“Today, do you know what normal looks like in your business?” he asked, adding that having this understanding is critical to fast remediation and response to attacks.