Cybersecurity Gaps Could Put Astronauts at Grave Risk
This article is part of our exclusive IEEE Journal Watch series in partnership with IEEE Xplore.
On 3 July 1996, Earth was facing all but absolute destruction from an alien force hovering above three of the world’s biggest cities. Hope of humanity’s survival dwindled after brute force failed to thwart the attackers. But a small piece of malicious computer code changed the course of history when it was uploaded to the aliens’ computer system the next day. The malware—spoiler alert—disabled the invading ships’ defenses and ultimately saved the fate of humanity.
At least, that’s what happened in the wildly speculative 1996 sci-fi film Independence Day.
Yet, for all the reality-defying situations the blockbuster depicted, the prospective reality of a malware attack wreaking havoc on a future crewed spacecraft mission has digital security experts very concerned. Gregory Falco, an assistant professor of civil and systems engineering at Johns Hopkins, explored the topic in a recent paper presented at the spring 2023 IEEE Aerospace Conference. Inspiration for the study, he says, came from his discovering a relative lack of cybersecurity features in the Artemis crew’s next-generation spacesuits.
“Maybe you might think about securing the communications link to your satellite, but the stuff in space all trusts the rest of stuff in space.”
—James Pavur, cybersecurity engineer
“The reality was that there was zero specification when they had their call for proposals [for new spacesuit designs] that had anything to do with cyber[security],” Falco says. “That was frustrating for me to see. This paper was not supposed to be groundbreaking. … It was supposed to be kind of a call to say, ‘Hey, this is a problem.’”
As human spaceflight prepares to enter a new, modern era with NASA’s Artemis program, China’s Tiangong Space Station, and a growing number of fledgling space tourism companies, cybersecurity is at least as much of a persistent problem up there as it is down here. Its magnitude is only heightened by the fact that maliciously-driven system failures—in the cold, unforgiving vacuum of space—can escalate to life-or-death with just a few inopportune missteps. Apollo-era and even Space Shuttle-era approaches to cybersecurity are overdue for an update, Falco says.
“Security by obscurity” no longer works
When the US and other space-faring nations, such as the then-Soviet Union, began to send humans to space in the late 1960s, there was little to fear in the way of cybersecurity risks. Not only did massively interconnected systems like the internet not yet exist, but technology aboard these craft were so bespoke that it protected itself through a “security by obscurity” approach.
This meant that the technology was so complex that it effectively kept itself safe from tampering, says James Pavur, a cybersecurity researcher and lead cybersecurity software engineer at software company Istari Global.
A consequence of this security approach is that once you do manage to enter the craft’s internal systems—whether you’re a crew member or perhaps in years to come a space tourist—you’ll be granted full access to the online systems with essentially zero questions asked.
This security approach is not only insecure, says Pavur, but it is also vastly different from the zero-trust approach applied to many terrestrial technologies.
“Cybersecurity has been something that kind of stops on the ground,” he says. “Like maybe you might think about securing the communications link to your satellite, but the stuff in space all trusts the rest of stuff in space.”
NASA is no stranger to cybersecurity attacks on its terrestrial systems—nearly 2,000 “cyber incidents” were made in 2020 according to a 2021 NASA report. But the types of threats that could target crewed spacecraft missions would be much different from phishing emails, says Falco.
What are the cyber threats in outer space?
Cyber threats to crewed spacecraft may focus on proximity approaches, such as installing malware or ransomware into a craft’s internal computer. In his paper, Falco and co-author Nathaniel Gordon layout four ways that crew members, including space tourists, may be used as part of these threats: crew as the attacker, crew as an attack vector, crew as collateral damage, and crew as the target.
“It’s almost akin to medical device security or things of that nature rather than opening email,” Falco says. “You don’t have the same kind of threats as you would have for an IT network.”
Among a host of troubling scenarios, proprietary secrets —both private and national—could be stolen, the crew could be put at risk as part of a ransomware attack, or crew members could even be deliberately targeted through an attack on safety critical systems like air filters.
All of these types of attacks have taken place on Earth, say Falco and Gordon in their paper. But the high level of publicity of the work as well as the integrated nature of spacecraft—close physical and network proximity of systems within a mission—could make cyberattack on spacecraft particularly appealing. Again heightening the stakes, the harsh environment of outer (or lunar or planetary) space renders malicious cyber theats that much more perilous for crew members.
To date, deadly threats like these have gratefully not impacted human spaceflight. Though if science fiction provides any over-the-horizon warning system for the shape of threats to come, consider sci-fi classics like 2001: A Space Odyssey or Alien—in which a non-human crew member is able to control the crafts’ computers in order to change the ship’s route and to even prevent a crew member from leaving the ship in an escape pod.
Right now, say Falco and Gordon, there is little to keep a bad actor or a manipulated crew member onboard a spacecraft from doing something similar. Luckily, the growing presence of humans in space also provides an opportunity to create meaningful hardware, software, and policy changes surrounding the cybersecurity of these missions.
Saadia Pekkanen is the founding director of the University of Washington’s Space Law, Data and Policy Program. In order to create a fertile environment for these innovations, she says, it will be important for space-dominant countries like the US and China to create new policies and legislation to dictate how to address their own nations’ cybersecurity risk.
While these changes won’t directly impact international policy, decisions made by these countries could steer how other countries address these problems as well.
“We’re hopeful that there continues to be dialogue at the international level, but a lot of the regulatory action is actually going to come, we think, at the national level,” Pekkanen says.
How can the problem be fixed?
Hope for a solution, Pavur says, could begin with the fact that another sector in aerospace—the satellite industry—has made recent strides toward greater and more robust cybersecurity of their telemetry and communications (as outlined in a 2019 review paper published in the journal IEEE Aerospace and Electronic Systems).
Falco points toward relevant terrestrial cybersecurity standards—including the zero-trust protocol—that require users to prove their identity to access the systems that keep safety-critical operations separate from all other onboard tasks.
Creating a security environment that’s more supportive of ethical hackers —the kind of hackers who break things to find security flaws in order to fix them instead of exploit them— would provide another crucial step forward, Pavur says. However, he adds, this might be easier said than done.
“That’s very uncomfortable for the aerospace industry because it’s just not really how they historically thought about threat and risk management,” he says. “But I think it can be really transformative for companies and governments that are willing to take that risk.”
Falco also notes that space tourism flights could benefit from a space-faring equivalent of the TSA—to ensure that malware isn’t being smuggled onboard in a passenger’s digital devices. But perhaps most important, instead of “cutting and pasting” imperfect terrestrial solutions into space, Falco says that now is the time to reinvent how the world secures critical cyber infrastructure in Earth orbit and beyond.
“We should use this opportunity to come up with new or different paradigms for how we handle security of physical systems,” he says. “It’s a whitespace. Taking things that are half-assed and don’t work perfectly to begin with and popping them into this domain is not going to really serve anyone the way we need.”
IEEE Spectrum