A newly proposed law would enhance cybersecurity for commercial satellites to protect them from getting hacked by bad actors which is, apparently, a real threat we need to worry about now.
The Satellite Cybersecurity Act, introduced by Senators Gary Peters (D-Michigan) and John Cornyn (R-Texas), would empower the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to develop “voluntary satellite cybersecurity recommendations,” the likes of which would be made available to the private sector for use in securing their space hardware. The bill would also require the U.S. Government Accountability Office to conduct a study that looks into the ways the federal government currently supports cybersecurity for the commercial satellite industry.
“As commercial satellites become more pervasive, hackers could shut satellites down, denying access to their service or jam signals to disrupt electric grids, water networks, transportation systems, and other critical infrastructure,” reads a press release from the U.S. Senate Committee on Homeland Security and Governmental Affairs, which announced the introduction of the new bill on Wednesday. “The senators’ legislation will ensure the United States is prepared to address these threats as hackers increasingly target commercial satellite systems.”
Concerns around satellite security are heightened by the large role they currently occupy in the blossoming space industry. Over the last few years, commercial satellite launches have seen a huge spike: 2020 saw a 37 per cent increase in the number of commercial launches — more than three times the amount conducted in 2019 — according to an industry report published last year. As such, satellites are considered a major driver of the space industry overall, accounting for some 73 per cent of the total space business, or hundreds of billions of dollars in revenue, according to the report. With all that money on the table, it’s no surprise that private industry wants to make sure it can protect its product — something the newly introduced bill endeavours to do.
And, you might not think it, but there are actually tons of reports of satellites getting hacked. As far back as 1999, a controversial report emerged that a band of cybercriminals had managed to take control of a British military satellite, after which they allegedly made financial demands of the government. More recently, in 2011, U.S. officials accused the Chinese government of having hacked two weather satellites operated by the National Oceanic and Atmospheric Administration, though China firmly denied the allegations. A similar episode involving U.S. defence contractors is alleged to have happened in 2018, also involving Chinese hackers.
A lot of these reports are unconfirmed or disputed, though experts generally agree that it’s certainly possible to hack a satellite — and can, in fact, be quite easy. One of the simplest ways to do this is to hack into the ground office that controls a satellite. After you open that door, commandeering the physical hardware in outer space can be a fairly straightforward process, said Bill Malik, an executive at security firm Trend Micro, during an RSA seminar on satellite security systems given several years ago.