U.S. Government Rolls Out Cybersecurity Guidelines For Its Space Systems

Cybersecurity is a priority across the globe, with a recent survey predicting that cybercrime will cost the world $6 trillion annually by 2021. In addition to the financial repercussions, there are also concerns about how these attacks can impact a nation’s critical infrastructure.

With that in mind, the U.S. government has been working to set up protections, and in 2018, the Cybersecurity and Infrastructure Security Agency (CISA) was established. The Agency works to boost the nation’s ability to defend against cyberattacks and works with the federal government to provide much-needed cybersecurity tools.

One area on the forefront of the government’s priorities is the U.S. space system. The White House just issued a new set of cybersecurity principles to protect its commercial and critical infrastructure investments in these space systems, which enable key functions such as global communications, navigation, scientific observation, exploration, weather monitoring, and multiple vital national security applications. The principles highlight the vulnerability of these systems to malicious activities that could disrupt space operations or even destroy satellites.

A variety of malicious attacks can be utilized by criminals against the space systems, including spoofing sensor data, corrupting sensor systems, jamming or sending unauthorized commands for guidance and control, injecting malicious code, and conducting denial-of-service attacks. These tactics can cause such issues as mission data loss, decreased lifespan or capability of space systems, and a loss of control over space vehicles including satellites, space stations, and launch vehicles.

In an effort to prevent these issues, the government has created the Space Policy Directive-5 to help ensure stronger safety and security measures, including integrating cybersecurity into all phases of development and ensuring full life-cycle cybersecurity for space systems.

Also among the issued guidelines were directives to protect against unauthorized access to space vehicle functions; utilize physical protection of command, control, and telemetry receiver systems; establish measures to counter communications jamming and spoofing; and manage supply chain risks and improve collaboration between space system owners.

The recommendations come a few months after the U.S. and U.K. accused Russia of testing a weapon-like projectile in space that could be used to target satellites in orbit. More than 100 nations—including the U.S., U.K., Russia, and China—signed a treaty promising that outer space can be explored by all and for only peaceful purposes—and that weapons should not be placed in orbit or in space.

As dependance on satellite technology for navigation, communication, and national security increases, using cybersecurity principles and practices to protect these assets will continue to be a priority for the U.S. government.