Any satellite that can change orbit can be considered a space weapon, but military commanders, policymakers do not fully understand the potential consequences.


Space is both the final frontier and the great unknown. It is the unknowns associated with the cyberwarfare in space that pose the greatest threat from the perspective of governments and militaries. Satellites have vulnerabilities that either have much in common with land-based targets, such as ground stations, solar panels, electronic transmissions, as well as commands that can instruct satellites to collide with one another, modify the trajectory of missiles, or instruct either to self-destruct. Any satellite that can change orbit can be considered a space weapon, but since many of the possible cyber scenarios in space have yet to occur, cybersecurity experts, military commanders and policymakers do not fully understand the range of potential consequences that could result.

Many of the world’s existing satellites are decades old, intended to function for perhaps a few years, but many of them failed to fail. That is great from a data collection perspective but, because their computer systems are also decades old, they make tempting targets for cyberattacks. Space agencies all over the world are naturally trying to protect their satellites and their operations more generally against cyberattack. Among the US National Aeronautics and Space Administration’s cyber concerns are hackers wanting to breach communications between its ground-based operations and one of its dozens of spacecraft transmitting research data. Its nightmare is a direct cyberattack on its satellites.

All satellite operators have special cybersecurity-related challenges. For satellite Internet providers, whose satellites cover a wider geographical area than standard Internet Service Providers (often extending more than 1,000 miles), and whose services often span multiple countries and continents, tracking the location of a computer using a satellite IP address can be somewhat difficult. By using satellite links, it is nearly impossible for hackers to be discovered. To hack a satellite, all that is technically required is a satellite dish, some cable, and a satellite modem (which costs about $1,000).

One of the most widespread and least expensive types of satellite connectivity is downstream-only, which people will sometimes use for faster downloads, since satellite connections tend to provide larger bandwidth than some other types of Internet connection. Traffic coming out of a user’s computer will go through a dial-up or other form of connection, while traffic coming in goes through the satellite connection. Since such satellite communication is not encrypted, hackers can point an antenna at the traffic to intercept the data or determine the IP address of a legitimate satellite user in order to hijack it.

Kaspersky researchers have seen hackers communicating through satellite connections around the world, but most of their activity was concentrated in the Middle East and Africa, in countries such as the Congo, Lebanon, Nigeria, Somalia, and the United Arab Emirates. It was not the first time the researchers had seen groups using satellite connections for command servers. Hackers have used so many different satellite IP addresses that it is clear they have been hijacking them from legitimate users. If adopted by criminal gangs in the future, such techniques will make it harder for researchers, law enforcement agencies, and governments to track command servers and shut them down.

It is apparent that outer space is evolving as an important frontier in cyberwarfare, but very few rules govern best practices or international law in space. A widely accepted framework for governing space is sorely needed. The first step toward creating a common framework for cybersecurity in space requires agreement on a set of principles by which strategy can be guided and risk assessed. An “actor-neutral” approach can help ensure that energy and resources are applied promptly and efficiently, and where they can be of most benefit in responses to the threats.

Cybersecurity policy in space clearly needs to extend beyond its current state of affairs, which is riddled with gaps, inconsistencies and vulnerabilities. A natural point of departure would be alignment with ongoing or future efforts designed to strengthen critical national infrastructure. That implies a meaningful exercise in long-term planning and budgeting. A bottom-up, reactive approach to this subject will not work. That approach has been tried over the past two decades and has been shown to fail, one attempt after another.

A space cyber regime should reach beyond a tick-the-box legislative mentality that provides false comfort while not really addressing the problem and allowing adversaries to get further and further ahead. If the global community of nations does not begin to seriously address these issues, as time passes, doing so will become an insurmountable task with less and less likelihood of success. There is no excuse for not marshalling the resources necessary to convene a serious global legislative and governance task force to tackle the problem of cybersecurity in space.

Given how difficult it has proven to be to get countries to operate within the framework of the existing legal regime governing cyberspace and the evolutionary nature of cyber risk in outer space, the likelihood of achieving a state of legal and operational parity among nations appears to be limited at best. Those nations—in particular, China, Russia, and the US—which have already achieved an advanced status on the path toward military supremacy in outer space will undoubtedly be reluctant to give away too much at the bargaining table in future multilateral negotiations. This will further hamper efforts to better define the cyber landscape in outer space and apply a modicum of best practices going forward.

Space really is the final frontier of cybersecurity. If ever there were an argument to be made about the efficacy and wisdom of adopting a proactive stance toward establishing cyber resiliency, it is for outer space. The direction that the cyberspace race is heading is rather worrisome. As was the case with the nuclear arms race, those nations and militaries that succeed in achieving the first mover advantage by creating visionary technologies to conquer cyber risk in space stand to gain a potentially long-term comparative advantage vis-à-vis their adversaries. All of the world’s major powers are heading in this direction. To the victor go the spoils, which, in this case, could be military supremacy for decades to come.

Daniel Wagner is CEO of Country Risk Solutions, author of Virtual Terror, and co-author of the forthcoming book AI Supremacy, which will be published in September.