Space, the new frontier of computer warfare?

The Russian invasion of Ukraine has had an impact, from kyiv to the halls of the UN and even… space.

On February 24, as Russian President Vladimir Putin declared war on his Ukrainian neighbor, the KA-SAT satellite was taken out of service by a cyberattack.

Consequence: no more satellite internet for all of Europe - thousands of French people used it - and 6,000 wind turbines in Germany had to be shut down because they were remotely controlled by a satellite connection.

"This may be a turning point for computer security in space", repeats tirelessly since then Mathieu Bailly, vice-president space for Cysec, a Swiss company for securing sensitive data.

Like him, many of them saw in this attack "a Pearl Harbor moment for the space sector", or "9/11 in space" during Cysat, the conference on security issues in space which s took place in Paris on Wednesday 6 and Thursday 7 April.

Space is teeming with satellites

"It is true that this is the first time that a computer attack against a commercial satellite in space has been brought to everyone's attention", recognize Xavier Mehrenberger and Aris Adamantiadis, two computer security consultants who also do part of a team of "ethical" hackers tasked with testing the reliability of a European Space Agency (ESA) satellite. 

The scenario of space turning into a new frontier of cyberwarfare or cybercrime is what industry professionals dread.

"Between military satellites, civilian missions and even constellations of commercial satellites, there are a lot of space assets to protect", underlines Nicolas Chaillan, a French serial entrepreneur based in the United States who was the first person in charge of the software security for the United States Air Force and Space Force between 2019 and 2021.

Low Earth orbit (up to 2,000 km above the Earth) is indeed crawling with satellites.

There are nearly 8,000, more than half of whom are Americans (about 4,400).

And Elon Musk, the boss of SpaceX, sometimes launches more than 200 satellites a month. 

So many potential targets.

But for whom?

It is indeed difficult to know whether the hacking of the KA-SAT satellite, attributed by the United States to the Russians, is an exception or simply the tip of the space iceberg.

During a conflict, one of the belligerents may find it judicious to attack a satellite, especially if "as seems to have been the case with KA-SAT, it was used by the Ukrainian army to communicate", underlines Thomas Girard, responsible cybersecurity for CS Group, a French critical infrastructure management company in the field of defense and space. 

The threat comes mainly from state actors

But in times of peace?

The few precedents indicate that cyber-spies may be interested in the communications passing through these spacecraft.

Thus, in 2018, France suspected Russia of trying to spy on the Franco-Italian satellite Athena-Fidus.

"As it continued its rotation quietly above the Earth, another [Russian] satellite approached it, from close (…). So close that one could really believe that it was trying to capture our communications," said Florence Parly, Minister of Defense at the time. 

For Nicolas Chaillan, "Chinese cyberspies have long been interested in the space industry to recover American know-how".

"We don't realize it because most of the time these attempted attacks are classified", assures this former collaborator of the American Department of Defense who campaigns for greater transparency about computer attacks in space. "in order to raise awareness of the urgency that there is an urgent need to better protect ourselves".

Computer warfare in space therefore seems above all to be a state affair.

Specifically, "in the 1980s and 1990s there were hobbyist hackers who were interested in the challenge of hacking into something new like a satellite, but from the late 2000s state actors really started to invest resources in them because the data passing through these spacecraft became more and more strategic,” explains Adrian Nish, director of the cyber division of BAE System, the British defense and aerospace giant. 

It is not only satellite communications that can interest a computer hacker in the pay of a State.

"If someone succeeded in deactivating the GPS satellites, it would be catastrophic", underlines Nicolas Chaillan.

"Most of our opex [external operations] are based on satellite geolocation information", specifies Julien Airaud, head of cybersecurity at the National Center for Space Studies (CNES).

Satellite imagery is also a strategic issue.

"What would happen if someone tampered with the satellite photos that allow you to locate a target or to see the situation on the ground?" asks Thomas Girard, of the CS Group.

Satellite images of the Russian mobilization on the Ukrainian border have been widely used to gauge the imminence of the Russian offensive.

A hacking of these resources could have changed the face of the conflict.

And tomorrow cybercriminals?

This is why most countries - such as France and the United States - consider space as a sector of vital importance to be protected like critical infrastructures.

Hacking a satellite is also not within the reach of the first hacker to come.

"You have to understand the protocol used to configure the satellite, that is to say know how to 'communicate' with the interface", explains Aris Adamantiadis, the IT consultant who tested the reliability of an ESA satellite. .

This is why cybercriminal gangs are keeping their feet on the ground for now.

“It is much easier to deploy ransomware or steal bitcoins than to hack satellites and it still brings in a lot of money”, summarizes Adrian Nish.

But computer security against these threats on Earth will improve.

Cybercriminals may then be tempted to turn their attention to the stars, as more and more start-ups want to enter this potentially lucrative satellite market and "to win this race, some are tempted to cut corners. on cybersecurity", regret all of the experts interviewed by France 24.

“The main risk comes from the supply chain, from the proliferation of suppliers and subcontractors who intervene and who do not all have the same maturity in terms of cybersecurity”, underlines Julien Airaud, from CNES.

Small commercial satellites today contain components that are mass-produced by different companies, while the launch into space may be carried out by one company and the satellite control interface supported by another. 

It is then enough for a hacker to find a flaw in one of these service providers in order to make their way to the satellite.

This is what happened with the KA-SAT satellite.

The assailants contented themselves with attacking the ground control system which made it possible to recover the data transmitted by the satellite. 

In fact, it is happening with space what has happened with all the other sectors of innovation.

“Initially, entrepreneurs think that cybersecurity is optional and that there will always be time to take care of it when problems arise. But with space it is not so easy”, warns Nicolas Chaillan.

Indeed, if it is relatively simple to correct a security flaw in a program on a computer on the ground, it is another pair of sleeves to go and do it on a satellite.

The summary of the

France 24 week invites you to come back to the news that marked the week

I subscribe

Take international news everywhere with you!

Download the France 24 app

google-play-badge_EN