THIS ARTICLE IS republished from Conversation under Creative Commons License.
The U.S. military recently launched a groundbreaking initiative aimed at strengthening links with the commercial space industryThe goal is to integrate commercial equipment with military space operations, including satellites and other equipment. This would improve cybersecurity for military satellites.
As space becomes increasingly vital to the world’s critical infrastructure, the risk increases that hostile nation states will launch cyberattacks on vital satellites and other space infrastructure. The targets would not only be spy satellites and military communications satellites, but also commercial spacecraft.
The US Department of Defense believes that its recent partnership, called Commercial Expansion Space Reserve (CASR)would enhance U.S. national security and the country’s competitive advantage in space. It would go some way beyond the existing relationship between government and private contractor.
In some cases, the commercial sector has quickly outpaced government capacity. This situation is common in many space-capable nations and may also be true in parts of the United States.
The governments of some nation states therefore face a choice. They could operate specially designed systems to protect their satellites, even though they may be obsolete, or they could operate other commercial – and potentially more advanced – “off-the-shelf” components. However, commercial equipment may be less well understood in terms of its vulnerability to cyberattacks.
Nevertheless, the U.S. Army believes that CASR will provide it with advanced strategic capabilities and that potential risks can be minimized by actively avoiding overreliance on any single commercial entity.
The supply chain is designed to transform the U.S. military from a confined pool of commercial suppliers to a broader range of partners. But there are also risks associated with a larger pool of commercial suppliers. Some may be unable to meet the demands of military contracts, may become financially unstable, or face other pressures that make it tough for them to supply key components.
Modern priorities
In 2022, there was a cyber attack on the consumer broadband satellite Internet access service KA-Sat. Its targets were satellites providing broadband and disrupted the service.
There are many ways to attack another country’s satellites, such as anti-satellite weapons (ASAT), which often aim to physically destroy or disable a spacecraft. However, compared to ASAT, cyberattacks can be carried out in different ways cheaper, faster and harder to track.
Part of the fundamental need to prioritize cybersecurity arising from this strategy is the fact that the United States is an attractive market for global space players. Therefore, this strategic change by the US Department of Defense is likely to encourage more global companies to participate.
Cyber resilience in the space industry has not always been a priority, and it will likely be some time before it becomes a consideration for major players in the space sector.
This historical lack of emphasis on cybersecurity in space underscores an obvious need. There are also inconsistencies and gaps in the baseline cyber requirements for government and industry, which vary depending on the position of each nation state.