Rachel Jones - The Current State of Satellite Security

it's amazing my dress has pockets I'm so glad all right as I said before but now that you can actually hear me my name is Rachel Jones um I wanted to introduce myself a little bit because this uh topic is really near and dear to my heart and has really followed my career these past 10 years yes I'm old I know it's sad but um the reason I put this slide up here I'm currently a cyber Analyst at Savannah River National Lab I'm getting a my PhD in Aerospace science I'm very excited and focused about uh satellite cyber security which is a subject I don't think we talk about enough of but uh before we get into that I kind of want

to take you guys 10 years ago when I first heard of satellite cyber security I was actually a I was at the International Space University yes I know such a university exists it's for a bunch of space nerds uh it's in Strasbourg France we had about 47 students from 45 different nations it was great and one of those I was one of the eight selected for the U.S to go to this University I felt really excited and I was going to use my powers to really influence the space world and that's when I heard about this this is probably one of the coolest things uh if you guys ever like for fun read uh economic papers on us and China you

might have came across this oh if you don't don't worry um a lot of people didn't so this was uh the first time I'd ever heard about a satellite being hacked and not just one satellite this was two satellites getting hacked four different times and the first time this actually appeared in public was in this U.S to China report to Congress it was published in 2011 but supposedly the hacks happened about 2007 and 2008 and for those that don't know a lot about satellites there's there's two different types of hacking let's say in this article it tries to distinguish the landsat 7 which is a weather satellite from NASA and the Terra am satellite which is also a weather satellite I know

Minor Details but in one case with the Terra they actually were able to take over command and control for that satellite which means in theory that the attackers were able to actually move the satellite and could reposition it for their needs now this is 10 years ago me so please forgive me um I'm like oh my God this is the coolest thing ever I can't believe they can do that for satellites I didn't really think about some of the questions that my classmates had like well how'd they do that I'm like I don't know but this report said it happened yes that's all we needed to know but there was a lot of questions back

then no one knew how it was accomplished no one knew if it was accomplished uh we'd have a lot of conflicting ideas on this and from those ideas we kind of looked at I decided Well what do space professionals believe you know the people that are actually building the satellites controlling the satellites I mean do they think the cyber security of satellites is a risk and this is back in 2012 so it's not modern day and all these ugly wonderful things I'll get into hadn't happened yet and one of my questions was is it's an international environment if you think about moving the command and control of one satellite you could actually Ram it into another

ones yes uh that would create an international issue in this environment means that one thing being insecure would affect other things around it so you really want to have like all the things be secure this isn't just make sure your company is good but imagine if you're another company that you have to make sure all the other companies are good too so that your things aren't damaged so with satellites that are very Dynamic different ways of looking at their security needs so I wanted to do a survey of the space professionals and really look at what do they believe I mean you can have all the policies in the world but if you don't actually have

people that believe in those policies and are willing to actually follow the policies it doesn't mean much so my survey back when in 2012 looked at things like what do they actually think the threats were so the first and yes I know this is an eye test so I hope you can see so I first wanted to know what did they actually think were the three biggest threats to satellites in orbit this is 2012 I surveyed about 135 different people in 22 different countries and most of my results were from Europe and North America but I did get a good represented at least like five percent from other nations and I divided them geographically to be Asia South

South America and Africa kind of make sure I got the little bit of everyone and these were the three things that they thought were the most important risk to satellite so space debris Collision space weather mechanical failure now you notice I'll have a lot of other things up here lasers from the ground uh asteroid Collision uh what actually got pretty high up there 11 computer failure due to user error I like that one um and then I asked a couple other questions space professionals do you think a satellite you could actually get data from it yes I know I wish I could have rewarded those questions I would have done it a little bit different but I

asked them do they think that a satellite could be hacked likely 34 percent all right do you think someone could get command and control of a satellite like I told about earlier most of them didn't think that was likely I'm like the government report said so but no they still didn't believe it uh I'm not going to share all the questions with you I just kind of picked out six that I thought were most interesting so I thought attribution do you think you could prove one person actually hacked it yeah we kind of got no on that one and then three other questions I was going to share with you um if an attack on a satellite happened

uh do you think it should be announced publicly you have this commercial satellite that was attacked should they actually have some announcement in the public that it was attacked I don't want to say 50 50 because it's not but it was pretty close here 45 to 41. who should investigate if a satellite gets an attack most people thought the country of registration but you can see it's closely followed by an international organization and then my favorite should there be security minimums for satellites 68 said yes all right since then what has happened today I'm going to go over probably the four biggest we got three papers and one course that kind of really describes the modern literature

coming from about 2019 to to current and these really go over kind of what is going on in this satellite cyber security field uh this first paper I recommend it just because it's a really good basic and primer for people that might not know satellite cyber security and what we're talking about here and I bring this up because I really want to explain you you have different components when you talk about where the weaknesses is and where the vulnerabilities are I like to say my professor says if you really want to work the cyber security of satellites you have to know the space side and the Cyber side almost equally that's why I'm getting my PhD in Aerospace science and

others are getting their phds in cyber so really here this breaks down the segments um space segment ground segment user segment they don't spell it out but there's also a link segment how the satellites and ground actually talk to each other in this paper here spells out a new trend they say in the past mostly it has been like jamming attacks from the ground to the satellite but now we've actually seen more space basic attacks so we're going from satellite to attacking other satellites and that's the rising Trend but this paper also calls out some really good things about what we're doing to protect Satellites with the new use of software-defined radios and other methodologies that

we're going in to harden the Cyber Electronics aboard them so moving on this next paper I don't know if you know Aerospace Corporation but they're kind of like a think tank for the dod and they produce this paper was really nice um kind of explains the Gambit of things and if you notice in this paper it actually breaks out the different types of attacks used in each segment of the space infrastructure so you got attacks that are common to the space segment the user segment the link segment and the ground segment so what's going after these guys foreign and now yeah this is an eye chart I just wanted to throw you what it looks like

in the paper but this paper really goes good to lay out the policies and the guidelines that are being developed for the space cyber security field so if you want more this is the paper that's the chart now this paper is probably one of my favorites okay so a lot of attacks have been said in the media going against satellites anyone ever heard of any of these attacks right here you got the compromise of the NASA jet propulsion lab uh remember I talked about the landsat seven up there the NOAA observation this paper makes claim that none of the attacks ever happened I know it's really fun um I I don't want to say this is a great conspiracy paper

read but it shows you the other side of what to think about so most of the reporting for various instances reference classified documents that people don't have access to they reference things that are disputed so when I talk about the landsat 7 it was actually supposedly done by a compromise of a ground station and what this author did was they actually talked to the ground station the ground station's like no that didn't happen and they're like we don't know what the government's talking about and it just kind of shows you the other side when you're investigating instances like this did it really happen it's hard to know because not a lot of people want to talk

about it and uh the final thing I'll mention here is this uh this is a Class by aiaa and they give a good breakdown and one of the good things that they actually developed is the space domain cyber security framework that kind of lists the various segments and the different tacts that correlate to those segments and what you're going to be targeting they're a different way of laying out the framework and kind of going at it and these are some of their good case studies of cyber attacks to satellites there might be some overlap between the last slide and this side but it's really interesting and I call this out particularly because when you're dealing with a space environment

which is an environment that's not here terrestrally you have a different outside influences that you might not have with computers here yes it's possible statistically a lot of things but when you're dealing with radiation impacts to non-hardened cyber materials you have a component called bit flip so I don't know if how familiar with you guys but if you hit a a bit it actually flips the zero to a one or vice versa for some reason coders tell me that that messes up with their code or something I don't know why they can't just like deal with that but there's environmental impacts of being an extreme cold hot you know radiation inducing environment that we just don't have here on Earth and

these make it really hard I mean I know there's a lot of blue teamers forensics analysts in here well do you know if that's an attacker or is that just an environmental bit flip did they did someone purposely go into that or did something else happen and I like this publication and what they put out because they really analyzed what does those other things look like where do we need to go and what can or how we can just stimulate between the two but you know I I really wanted to see hey it's been 10 years I wonder what space profession now that we have all these lovely documents and we've had new case studies

like you know the bias act that just happened we had the you know Defcon presentation of the SDR going on taking over the Canadian decommissioned satellite I wonder what space professionals think now well I can tell you one thing cyber's up on the list looking back we now have the the top three threats to satellites cyber is actually number three and just because I don't think you'd remember what the you know random bar charts I showed you two seconds or five minutes ago looks like I have them compared up here um so with this survey it went out to space professionals I got a total of 130 respondents it was done anonymously so I don't know who the respondents are I can

tell you most of them about 50 percent were from North America Europe and South America were the the second leading contributors and um because uh my survey skills have improved from SurveyMonkey I I was now able to also add some other categories which is really nice because I got some great responses in the other categories one of which I'm pretty sure if I had included it it would have dramatically changed my entire survey they said the best way to kill a satellite is to destroy its funding um I uh I think they won but I was talking about once this satellite was actually in orbit and successful not that it can't be killed by funding

moving on um the first question you know we went a little bit of change uh whenever you do statistics and study numbers uh we use the word significant to actually mean something uh it's greater than one standard deviation away and uh I also like to look at like what the the shape it makes so you see this one is actually a little bit more than the others because the the other options were a little bit less here but if you look down here kind of get like two bumps now that's because before when everyone said not likely if you notice all the other choices yeah all of them were below 20 well now we have 32 and 33 that actually like almost

half and half yes or no they're a little bit torn here and you can see the space professionals don't know uh they they think they could have but more likely moving on to the next few questions if we look at it here we we still have the same about half and half yes and no but uh mandatory reporting has actually increased a little bit if you compare it to our 45 yes 41 no we now have 52 yes and 34 no if you do the math it's not a significant change but it does does show that there is change in the market and there is change in the ideas and that they might be receptive

um to policy implications here um it's I promise this has been 10 years but it does look almost similar to the one done in 2012 for the which country or which entity should be investigating a possible hack to a satellite but the biggest change is the the number of people that actually thinks a mandatory security minimum should be implicated so we go from a 68 to an 84 percent big numbers and I'm really glad they feel that way because there is current policy in the work that is looking towards um creating better communication and better guidance for cyber security of satellites so I brought this up for these are the most relevant policy documents that deal with

the cyber security of satellites spd5 and then there's actually an upcoming nist framework that's specifically going to address it it's in draft two um it closed for comments in early spring so I'm not sure what we're waiting on but I'm hoping that it'll come out soon for a fullness document or another draft and I've also included some wonderful sayings of people that will say things firmer than I will uh because I'm glad they said it and can be attributed and I don't have to be

all right now uh if you want to study this yourself I uh I actually have a lot of references up here I know you guys are so excited for your Academia work and then even more whoo but uh I I figured I went through that a little fast just because I know we were trying to make up on time um but I'm open for questions and I have some giveaways for good questions

uh how can we apply our current things like agents to the satellites and what limits or issues would go along with that okay uh when you say agents do you mean operators builders security agents

well that's an interesting question uh you can

it depends on which component you're trying to verify for example uh nowadays ground stations which are the devices that are actually used to control the satellite or monitor the satellite can be made by a local high schooler anyone can make a ground station to actually look at the footprint of a satellite but ground stations that are used to command and control are completely different those ground stations are supposedly more secure but they're also on the cloud uh there are Amazon web services that offers uh ground stations for satellites that you can do from anywhere so the same applications that you would use for creating a secure Cloud infrastructure could be utilized in the ground station for that but really it's

building it with security in mind from the beginning many satellites are created by universities by other countries they're created by anyone that really can afford to put it up there I mean I think you could you as an individual wanted to put up a satellite and you had a spare I don't know thirty thousand dollars you could um and right now it's not limited to what you could put up there except by the launch provider that's it so you pay enough money and you can make it happen I know doesn't that make you feel warm and fuzzy

like they're putting up a lot more satellites to cover internet is that proliferation going to have other impacts as well it's a really broad question sorry no that that's a

lot it is and and you're really dealing with two different issues here so the number of satellites and the different orbits in space that that's one issue that's actually delegated by the um itu International telecommunications Union they they monitor what orbits they can be there and when you're talking about Leo satellites which is where we're finding the large constellations you're you're looking at um most of those they now have a mandated de-orbit period so they're really getting up there quickly and they're really hopefully coming down quickly or at least with a plan but uh your very limited orbits are your Geo satellites in a very special geosynchronous range and that's actually a political nightmare because uh the

allocation for those are very competitive and getting them up there and making sure they come down is a huge ordeal um so but then you're also dealing with frequency Wars I don't know if you've heard that uh but the frequency allocation here in the U.S I'm actually getting some popcorn I'm enjoying watching the debates uh every now and then they'll have an auction I'm just like ooh is starlink gonna lose everything is our 5G gonna lose everything let's see who wins so you're dealing with a very congested environment and um the first come first serve doesn't really always hold true there

kind of crowd sourcing your hand test security because I know there's been open competitions like Hackensack and swap my Society are they interested in the results of those kinds of things to integrate that in or is I have to say it really depends on the company um some of my my classmates actually went on to found Spire which is a cubesat company and I I know from my research and me telling them about the dangers that they probably integrated it in but other companies might not see it that way imagine if you are let's say a new country launching your very first satellite you just want it to work like it getting up there without blowing

up it's responding when it needs to um you really don't think about security when you're at that level so it's one of those things where security is more as an afterthought than from the beginning because when we talk about the landsat 7 one of the biggest things that I heard from my fellow classmates were why would they hack a science experiment I mean don't they know that that science is for mankind no one would ever ever hack my precious satellite that I'm doing precious science with what good would it come so you you have to kind of overcome that mindset of why would someone do this to they'll probably do it if they can and you what

you need to do is make it a little bit difficult for them so they're not just the average person can do it I think that's also being attributed to more cots secure kind of I don't want to say modular builds of satellites that are kind of developing so nowadays instead of developing your own power source or your own this and that component you can buy one off the shelf and hopefully those on the Shelf components have a little bit more Security in them so what do we do then for existing satellite infrastructure it's it's much easier for me to take a satellite and build it now and build it with security in mind but what about like GPS

satellites that have been up there for 25 30 years what about some of these other satellites that are just kind of Legacy equipment that still has to be maintained it's still there we still have to know about it and I am really am glad you asked that question I think it it needs to be asked more often I can tell you that with modern satellites how they're trying to overcome that uh inevitability that the technology and the material that you put out into space is going to be outdated very quickly especially with the rapid involvement of chips and components here on Earth is they're using software to find radios where they can modularly update the the

hardware to you know patching basically and that has made a huge difference in our space industry so a secure encryption key is 256 bits which like is small enough you could physically build that into a circuit to not worry about stuff being this being over it so what are the design constraints for satellites that make the naive approach build in your key attending everything so you only have trust ing a ground station going to your C2 what are the design constraints that don't make that you did not solution I I like how One industry might think one thing and another industry will think something else I don't know the specific answer to your question but I

will give you a scenario that's often posed to cyber security I guess people in the when we're drinking after hours is let's say you have a group on Mars and they have a medical emergency and you really need to talk to them right then and there well whenever you design that packet of communications if you encrypt it it's already going to take more than seven minutes to get there maybe even longer you're adding in a larger file which is going to increase the time and you're also adding into the complexity of that communication Network so it's more how do you design something that's encrypted and small and can be communicated quickly that whole physics thing it gets in the

way it's horrible I I hate it sometimes

you know a lot of like Star Lincoln's other things are Telecom base is hope or perceive that there might be competitive government guidelines for these telecom companies for um their satellites that they put in space but there could be concerns about somebody going from their consumer Network to the OT size of that satellite when they're getting access to remain in control of other satellites but something is being thought about or well that that is that is something that's being thought about I can tell you that one of the things that I'm looking forward to is is next year I just got funding we're going to build a cyber security of satellites Lab at Savannah River National Lab and

we're going to integrate a Hardware in the loop satellite design so that we can look at some of those issues I think it's particularly important that those issues are looked at especially with the the new policy move for government instead of launching their own individual satellites they're thinking of more taking on payloads of other satellites or other commercial entities and you always wonder if you're plugging in this payload and you don't know what it is and you're plugging it into your Hardware is not going to interfere with something on your Hardware how do you create the the diodes that you need to make sure that information isn't spread to places that it shouldn't be um it's a major concern right now

um if you have an answer or a solution I would love to talk to you afterwards that's it for this talk