Like any network– whether on-prem, off-prem as-a-service or a hybrid–the interconnected nature of ground segments presents cybersecurity risks. According to an April 2024 Cybersecurity Infrastructure and Security Agency (CISA) report, ground segments are the most accessible part of the space infrastructure with two primary threats: hacking/hijacking and malware.
Ground Stations as a Service (GSaaS) are “not inherently more or less secure than traditional approaches,” according to CISA, they do have the advantage of flexibility for providers and subscribers.
However, increased use of cloud-based services has consequently increased some kinds of risk across the industry, even while digitization also offers more layers of security.
Two out of three of the most targeted vulnerabilities in 2023 were related to edge devices, Space ISAC shared. Some additional key metrics of note:
- Sensitive data is found in 66% of storage buckets and 63% publicly exposed storage buckets.
- Cloud account credentials make up 90% of for sale cloud assets on the dark web.
- Network architectures saw a 390% increase in number of vulnerabilities exploited in attacks
With that in mind, security comes down to a variety of factors such as criticality of a mission, ownership of assets, physical location of assets and best practice implementation.
Complacency
One of the more significant challenges within ground segments is complacency.
“If you’re not thinking of cybersecurity as a core function of your business, you’re vulnerable right out of the gate,” said David Weissmiller, vice president of business operations for Freedom Space Technologies, a subsidiary of ATLAS Space Operations.
State and non-state actors continuously work to disrupt the space infrastructure, making it a requirement for all parties to implement strong cybersecurity standards.
Internal cybersecurity education, for example, is a vital step in ensuring safety. “You can have the greatest security in the world but if you leave the front door wide open, it’s not going to do you any good,” said Austin Cooner, director of engineering at KSAT Inc.
Encryption
The key is in implementing cybersecurity as a service by applying digital tools, cloud infrastructures and threat mitigation tactics. However, “if you don’t trust your encryption, you’ve kind of already lost,” Cooner added.
While cybersecurity is about managing risk—in terms of probability and consequence—even the smallest margin of opportunity for intrusion will likely meet a threat in today’s complex environment. This is why encryption is vitally important.
“Generally speaking, you can either break encryption because you have the key or you can’t,” Cooner explained. “There’s also a computational and usability cost to encrypting everything and that’s where another level of risk mitigation comes in.”
Quantum encryption shows promise, Cooner said, and commercially available standards such as Advanced Encryption Standards (AES) 256 offer guidance for that crucial layer of security.
“In the last ten years we’ve seen DoD continue to advocate cybersecurity policies,” said Chris Badgett, vice president of technology at Kratos Defense. Strategies maturing into operational standards is a “good thing to see,” he stated.
Still, lack of universal standards and policies within the space industry creates a vulnerability for all participating parties. And technological advancements causing a frequent and rapid shift in the threat landscape underline the necessity for continuous monitoring.
Best practices
“Being able to incorporate these different bands and different protocols is a challenge,” Weissmiller said.
This consequently puts pressure on companies to invest in cybersecurity best practices.
For example, Amazon Web Service (AWS), one of the largest GSaaS providers with 12 ground station antenna locations around the world uses MadPot, a “sophisticated globally-distributed network of honeypot threat sensors with automated response capabilities.” The program, according to an AWS August blog post, detects more than 100 million potential threats daily, with about 500,000 of those classified as malicious. The tool was created by AWS and was announced in 2023.
KSAT leverages a third-party cybersecurity consulting group. “It’s important to rely on outside experts to support inside professionals…outside resources bring unique tools and perspectives,” said Dan Adams, general manager at the company. The group helps with internal cybersecurity education and close tracking of correct internal access.
Employing security and identity verification requirements is key across disparate layers and web-accessible platforms, Space ISAC shared. “This extends to not only the storage but also the access options as well,” a spokesperson said.
Though there are few standards and best practices specifically written for GSaaS, providers can utilize cloud security recommendations, and cybersecurity controls from the National Institute of Standards and Technology and the International Organization for Standardization.
Additionally, when it comes to DoD missions, GSaaS providers remain dependent on cloud certifications such as FedRamp. However, the fragmentation in standards within the space sector and absence of an international cybersecurity standard specific to space infrastructure, make it “difficult for a GSaaS company to assess the levels of security of a ground station third-party provider,” a GSaaS reference architecture paper states.
Space ISAC is working on an initiative focused on mapping space infrastructure to existing security controls documents. This will also help identify technology gaps.
“Once completed, this initiative may inform the GSaaS standards further,” a spokesperson stated.
Explore More:
Podcast: Tsunami of SmallSats, Growth of GSaaS Providers and the Future of Space
SSC Discusses the Future of the Ground Segment, Digitization and GSaaS
Digitalization of Ground Service, Market Changes: What’s Next for GSaaS?
