An artist's illustration of a satellite-servicing spacecraft approaching its target.

An artist's illustration of a satellite-servicing spacecraft approaching its target. SSL

Fearing Satellite Hacks and Hijacks, White House Issues Space-Security Directive to Industry

Manufacturers need to build in better defenses and even ways to regain control of hijacked spacecraft, directive says.

Satellite makers and operators should harden their spacecraft against hackers and hijackers, and collaborate to make sure everyone is on the same page, according to a White House policy directive released Friday. 

The new Space Policy-Directive 5 urges manufacturers to design their hardware and software so that operators can monitor and adapt to “activities that could manipulate, deny, degrade, disrupt, destroy, surveil, or eavesdrop on space system operations.” They should also have 

plans and tools in place to recapture control of satellites that get jammed, spoofed, hacked, or hijacked. 

The directive urges satellite makers and operators to also better manage the security of ground stations and address “supply chain risks that affect cybersecurity of space systems.” It calls on satellite makers to better collaborate and “share threat, warning, and incident information within the space industry.”

The national security community has become increasingly focused on threats to U.S. satellites over the last several years, as Chinese space activity has grown, Russia has taken some provocative maneuvers in space, such as the recent test of a space-based projectile, and India tested an anti-satellite rocket. A 2019 Defense Intelligence Agency report said that China and Russia are “developing jamming and cyberspace capabilities, directed energy weapons, on-orbit capabilities, and ground-based anti-satellite missiles that can achieve a range of reversible to nonreversible effects.” 

But the threat of malicious cyber activity against space communications, whether targeted at satellites or the ground software and hardware, is among the most severe threats. In March, the Center for Strategic International Studies, or CSIS, documented growing cyber and physical threats to U.S. and allied satellites. “Cyberattacks can be used to monitor data traffic patterns (i.e., which users are communicating), to monitor the data itself, or to insert false or corrupted data in the system,” the CSIS report said. 

The White House announcement is a step forward, said one of the report’s authors, Todd Harrison, director of defense budget analysis and senior fellow in the International Security Program at CSIS. “While many commercial firms already do the things outlined” in the directive, Harrison said, “it is good governance to put these things down in policy and it sets the right example for other nations to follow. Part of being a leader in space is leading by example when it comes to best practices in commercial space operations. It is also important for national security because the military relies on many commercial space systems to augment its own capabilities in areas like communications and imagery.”

Brian Weeden, technical advisor for the Secure World Foundation, said that the memo was expected and was the result of a process that had been going on for some time. “Cybersecurity has been a low-key but growing issue in the space world, as we've shown in our annual Global Counterspace Capabilities report. Satellite operators (both governments and companies) are very reluctant to talk openly about any attacks they've experienced, but satellites are essentially computers in space connected to more computers on the ground and as such are vulnerable to many of the same cyber attacks we see in other sectors. “

Weeden described the new directive as “good” and “about what you would expect” from a presidential directive. “The policy directive relies mainly on industry best practices and standards to address those challenges, which is the norm across the cyber world. But we've seen in a lot of other areas that those practices and standards aren't nearly enough to prevent massive hacks and disruptions, so I fear we'll need to go a lot further than just voluntary recommendations.”