The unmanned space-facing port of the International Space Station's Harmony module was photographed several hours before the SpaceX Dragon Freedom spacecraft moved there after separation from the Harmony's forward port.
NASA Johnson Space Center
In the race to conquer the universe, space exploration's greatest challenge may be the vastness of the unknown, but this distance from Earth does not deter the invisible hands of cybercriminals aiming to sabotage missions from thousands of miles below.
Spacecraft, satellites and space systems face cybersecurity threats that are becoming increasingly complex and dangerous. With interconnected technologies controlling everything from navigation to anti-ballistic missiles, any security breach could have catastrophic consequences.
“There are unique limitations to working in space in that you cannot physically access the spacecraft for repairs or upgrades after launch,” said William Russell, director of contracting and national security acquisitions at the U.S. Government Accountability Office. “Consequences of malicious cyber activities include loss of mission data, reduced life or capability of systems or space constellations, or control of spacecraft.”
Critical space infrastructure is vulnerable to threats across three main sectors: in space, on the ground segment, and within communication links between the two. A breach of one of these systems could be a cascading failure for all, said Wayne Lowenstein, co-founder and CEO of VFT Solutions, and co-author of Cyber-Human Systems, Space Technologies, and Threats. “In many ways, threats to critical infrastructure on Earth can create vulnerabilities in space,” Lowenstein said. “Internet, energy, spoofing and many other factors that can cause chaos in space,” he added.
Artificial intelligence risks in mission-critical systems
The integration of artificial intelligence into space projects has increased the risk of complex cyber attacks organized by government agencies and individual hackers. Incorporating AI into space exploration allows more decisions to be made with less human oversight.
For example, NASA uses artificial intelligence to target scientific samples of interplanetary vehicles. However, reduced human oversight could make these missions more vulnerable to unprovoked and potentially catastrophic cyberattacks, said Sylvester Kaczmarek, chief technology officer at OrbiSky Systems, which specializes in integrating artificial intelligence, robotics, cybersecurity and edge computing into aerospace applications.
Data poisoning, where attackers feed AI models with corrupted data, is one example of what can go wrong, Kaczmarek said. Another threat is model reversal, where adversaries reverse engineer AI models to extract sensitive information, which could compromise mission safety, he said. If compromised, AI systems could be used to interfere with or take control of national space missions of strategic importance.
“AI systems may be vulnerable to unique types of cyberattacks, such as adversarial attacks, where malicious input is designed to trick the AI into making incorrect decisions or predictions,” Lowenstein said. He added that artificial intelligence could enable adversaries to “carry out complex espionage or sabotage operations against space systems, which could lead to changing mission parameters or stealing sensitive information.”
The Quetzal-1 CubeSat is seen being deployed from the JEM Small Satellite Orbiter Deployment Module aboard the International Space Station.
NASA Johnson Space Center
Worse still, AI could be weaponized – used to develop advanced space weapons or counter-space technologies that could disable or destroy satellites and other space assets.
The US government is working to tighten the safety and security of artificial intelligence systems in space. The 2023 Solar Cyberspace Commission report emphasized the importance of classifying outer space as a critical infrastructure sector, and urged strengthening cybersecurity protocols for satellite operators.
Lowenstein recommends rigorous testing of AI systems in simulated space conditions before deployment, and redundancy as a way to protect against an unexpected hack. “Implement redundant systems to ensure that if one AI component fails, other components can take over, thus maintaining mission safety and functionality,” he said.
Using strict access controls, authentication, and error correction mechanisms can ensure that AI systems operate with accurate information. Lowenstein said there are reactive measures when these defenses are compromised, by designing AI systems with fail-safe mechanisms that can return to a “safe state” or “default mode” in the event of glitches or unexpected behavior. . Manual override is also important. “Ensure that ground control can override the AI decision-making process or intervene manually, when necessary, providing an additional layer of security,” he added.
Competition between the United States and China
The rivalry between the United States and China involves the new space battlefield. As both countries ramp up their space ambitions and military capabilities outside the Earth's atmosphere, the threat of cyber attacks targeting vital orbital assets has become a growing concern.
“The competition between the United States and China, with Russia as a secondary player, increases the risk of cyberattacks as these countries seek to achieve technological superiority,” Kaczmarek said.
Although they do not receive as much attention in the mainstream press as consumer, cryptocurrency, or even nation-state hacks against major U.S. private and government infrastructure on Earth, notable cyberattacks have targeted important space-based technologies in recent years. As the United States, China, Russia, and India intensify their efforts to dominate space, the stakes are higher than ever.
There have been repeated cyber attacks this year on the Japanese space agency JAXA. In 2022, there were hacks of SpaceX's Starlink satellite system, which Elon Musk attributed to Russia after supplying satellites to Ukraine. In August 2023, the US government issued a warning that Russian and Chinese spies were aiming to steal sensitive technology and data from US space companies such as SpaceX and Blue Origin. China has been involved in numerous cyberespionage campaigns dating back a decade, such as the 2014 hack of the US National Oceanic and Atmospheric Administration's weather systems, putting space-based environmental monitoring at risk.
“Countries like China and Russia target U.S. space assets to disrupt operations or steal intellectual property, which could lead to mission compromise and loss of technological superiority,” Kaczmarek said.
Space-based systems increasingly support critical infrastructure on Earth, and any cyberattacks on these systems could undermine national security and economic interests. Last year, the US government allowed hackers to hack into a government satellite as a way to test vulnerabilities that the Chinese could exploit. This came amid growing concerns at the highest levels of government that China is trying to “deny, exploit, or hijack” enemy satellites — a revelation that became public in the leak of classified documents by US Air National Guard Jack Teixeira in 2023.
“The ongoing space race and related technologies will continue to be affected by Viasat-like cyberattacks,” GAO's Russell said, referring to a 2022 cyberattack against the satellite company that U.S. and British intelligence attributed to Russia as part of its war against Ukraine.
Cloud space for big tech companies
Private companies and the government will need to use all cybersecurity tools at their disposal, including encryption, intrusion detection systems, and cooperation with government agencies such as the Cybersecurity and Infrastructure Security Agency for intelligence sharing and coordinated defense.
“These collaborations could also include the development of cybersecurity frameworks specifically designed for space systems,” Kaczmarek said.
Meanwhile, Silicon Valley-based technology companies have made rapid progress in cybersecurity, including those designed to secure space technologies. Companies like Microsoft, Amazon, Googleand Nvidia They are increasingly being recruited by the US Space Force and the Department of Defense for their specialized resources and advanced cyber capabilities.
It is worth noting that Microsoft is a founding member of the Space Information Sharing and Analysis Center, and has been an active participant since its founding several years ago. “Microsoft has partnered with the US Space Force to support its growth as an all-digital service, bringing cutting-edge technology to ensure Space Force Guardians are prepared for space conflicts,” a Microsoft spokesperson said via email.
As part of the $19.8 million contract, Microsoft is providing Azure cloud computing infrastructure, simulations, augmented reality and data management tools to support and secure a wide range of Space Force missions. “Microsoft plays a key role in defending against cyber threats in space,” the spokesperson wrote.
Google Cloud, Amazon Web Services, and a defense contractor General dynamics It also provides cloud infrastructure to store and process vast amounts of data generated by satellites and space missions.
NvidiaIts powerful graphics processing units can be used to process and analyze satellite images and data. According to Lowenstein, the chipmaker's AI chips could enhance image processing, anomaly detection, and predictive analytics for space missions. But there are limits to relying on technology in space operations as a safety benefit rather than an added layer of risk.
“Heavy reliance on automated systems can lead to catastrophic failure if those systems malfunction or encounter unexpected scenarios,” Lowenstein said.
A single point of failure can jeopardize the entire mission. Furthermore, the extensive use of technology can compromise the skills and knowledge of human operators, which may atrophy if not practiced regularly.
“This may lead to challenges in manual operation during emergencies or system failure,” Lowenstein added.