Space companies say cyber threat intelligence is often overclassified, unactionable

Space industry companies say they’re often sent inconsistent, untimely and overly-classified cyber threat information from the intelligence community and others, potentially hindering their ability to respond to digital incursions against ground and in-orbit assets, according to White House findings published Thursday.

The Office of the National Cyber Director, an executive branch interlocutor for federal cyber policy, had convened some 300 people across 125 space and aerospace firms in workshops since March 2023. Their input was collected and arranged into findings focused on space industry cyber perspectives.

Those people said that — despite access to cyber threat information from various sources, including the U.S. government, private sector and open-source intelligence — space companies often find it difficult to translate that data into concrete, actionable steps to improve their cyber posture.

Those surveyed firms included L3Harris, Leidos, Lockheed Martin, General Dynamics, Raytheon, SpaceX and Viasat, according to the provided readout.

“Most companies believe the U.S. government can better distill threat intelligence in ways that provide context, make it actionable, and include impact analysis. Companies expressed interest in more information on likely attack vectors, as well as threats to on-orbit systems,” it added.

Space is becoming an emerging frontier for cybersecurity. Orbital assets, including satellites and GPS systems, underpin communications technologies used by both civilians and the military.

In the early hours of Russia’s 2022 invasion of Ukraine, Kremlin hackers disabled over 40,000 KA-SAT Viasat modems used in Kyiv and other cities across Europe. They transmitted a wiper malware — dubbed later as Acid Rain — that triggered mass communications disruptions at the start of the invasion, both the company and the National Security Agency later concluded.

Space firms also flagged that attaching baseline cybersecurity requirements onto legacy systems would be too difficult to implement. Many of those platforms, especially those in-orbit, are difficult to update, dispose of or replace because they would require specialized maintenance under conditions atypical of those standard on Earth.

Baseline security measures were nested under a slew of major cyber policy proposals pushed by the outgoing Biden administration to bolster U.S. digital defenses, but they’ve often run head-on into complaints from industry officials and lawmakers that fear those standards would not be attainable or be too inconvenient to implement.

Space matters came to the fore last February, amid confirmed reports of Russia developing an anti-satellite nuke for in-orbit use. A former Pentagon official told a congressional panel in May that a satellite detonation could render objects traveling in low-Earth orbit unusable for a year.

“This capability could pose a threat to all satellites operated by countries and companies around the globe, as well as to the vital communications, scientific, meteorological, agricultural, commercial and national security services we all depend upon,” said John Plumb, who at the time was assistant defense secretary for space policy.

Ground assets, like launch facilities or mission control centers, are easiest to breach because defending them from intrusions often involves basic cybersecurity practices that many other sectors don’t implement, a top Pentagon cyber official said in May.

A kitchen sink cybersecurity executive order signed by President Biden on Thursday directs the National Cyber Director to inventory space ground systems and propose improvements to their cyber defenses.

DefenseOne Air and Space Warfare Reporter Audrey Decker contributed to this report.