Should Space Be Designated Critical Infrastructure? Threats & Cybersecurity

The Case for Designating Space as Critical Infrastructure

• 🚀 With over 11,833 active satellites, a significant portion being commercial, humanity is increasingly reliant on space-based assets for everyday occurrences.
• 💡 The discussion centers on whether space should be officially designated as critical infrastructure due to this growing dependence.

The Role of the Office of the National Cyber Director

• 🏛️ Jake Braun, former acting Principal Deputy National Cyber Director, explains the office's role in compelling government-wide cyber policies and updating the National Cyber Strategy.
• 🛰️ His office advocated for including space infrastructure security as a key component within this strategy.

Benefits and Drawbacks of Critical Infrastructure Designation

• ⚖️ Designating space as critical infrastructure could lead to increased regulations and scrutiny from the government.
• 💰 Conversely, it can also unlock access to valuable government resources, such as threat intelligence sharing and free cybersecurity assessments through entities like CISA.
• 📈 While major corporations may not receive free assessments, smaller space companies could significantly benefit.

Understanding Threats in the Space Domain

• ⚠️ Nation-state actors, like China, Russia, and Iran, pose significant threats, capable of sophisticated attacks even on hardened, offline systems (e.g., Stuxnet).
• 🛰️ Satellites, by definition connected to global networks, are vulnerable to cyberattacks.
• 📡 A Defcon finding revealed hackers could exploit VSAT satellite modems from Earth using software-defined radios, demonstrating a signal injection attack on a shoestring budget.
• 💥 The potential for state-sponsored actors with vast resources to exploit similar vulnerabilities is a major concern, especially in geopolitical conflicts.

Typical Space Domain Cyberattacks

• 💻 Attacks in the space domain are not entirely novel, often employing standard network attack techniques seen against terrestrial systems.
• 🔍 This includes basic attacks like SQL injections, depending on the specific attack surface.
• 🚨 Nation-states actively stockpile zero-day vulnerabilities specifically targeting space infrastructure.

Strengthening Space Cybersecurity

• 🤝 Collaboration and threat intelligence sharing are crucial for both large and small space companies.
• 🚀 Joining the Space ISAC (Information Sharing and Analysis Center) is highly recommended, often with reduced rates for smaller entities.
• 🧑‍💻 Hiring a Chief Information Security Officer (CISO) is vital, not only for security but also for company valuations, as investment rounds can attract targeted attacks.
• 📚 Companies should consider hiring and training individuals with less formal cyber expertise but strong potential, leveraging online courses and certifications to build a capable workforce.

The New Great Game

• 🌍 The current geopolitical landscape is described as a "new great game," a struggle between authoritarian states (Russia, China, Iran, North Korea) and democracies over control of the internet and cyberspace.
• 🌌 Space is identified as a primary battleground in this conflict, with significant implications for freedom, fairness, and security in the digital age.