Cybersecurity of NATO’s Space-based Strategic Assets

Research paper

Published 1 July 2019

Updated 11 December 2020

ISBN: 978 1 78413 340 5

— The radar domes of RAF Menwith Hill, reported to be the biggest spy base in the world, dominate the skyline on 30 October 2007 in Harrogate, UK. Photo: Getty Images

Dr Beyza Unal

Former Deputy Director, International Security Programme

Almost all modern military engagements rely on space-based assets, but cyber vulnerabilities can undermine confidence in the performance of strategic systems. This paper will evaluate the threats, vulnerabilities and consequences of cyber risks to strategic systems.

2. Cyber Risks to Space-based Strategic Systems

Risk is a product of probability and consequence. However, since estimating the probability of a cyberattack is unreliable at best,11 this paper focuses on the qualitative nature of potential threats, vulnerabilities and their impacts. Without knowing the actual likelihood of an event happening, it is still possible to assess threats and likely degree of exposure, which can identify potential resilience measures. In essence, the priority of NATO and its allies should be the readiness of their forces to identify potential threats and defend critical assets, rather than the likelihood of cyberattacks on space-based strategic systems. This approach minimizes risk by taking preparedness, resilience and continuity into the equation. Furthermore, it does not require detailed knowledge of an adversary’s motivation and capability.

Cyberattacks are a different beast to traditional forms of aggression. Whereas electronic attacks use physical means (such as jamming or ‘spoofing’) to interfere with the transmissions of radio frequency signals and cause reversible damage, cyberattacks employ digital manoeuvres to target data and access systems in order to cause permanent damage.12 Electronic warfare methods can physically cut out communication signals that go to satellites (upstream) and come back from satellites (downstream). The attacker could send fake signals (spoofing) and trick the system without the knowledge of the receiver. In a cyberattack, however, an adversary would be able to gain full access to satellites as well as data, enabling them to cause permanent damage.13

Spoofing information through cyber means is a more sophisticated form of jamming. In times of conflict, global positioning system (GPS) digital spoofing – which involves digital interception and manipulation – permits the transmission of false information without the awareness of either the transmitter or the receiver. This approach could be used to disorient troops or even control their deployment. In order to mitigate risks, military forces should have the means to validate information integrity and detect spoofing and manipulation of data. One possible approach would be to educate and train personnel in alternative navigation methods as a minimum requirement for those working for NATO and its allies.

Cyberthreats to strategic systems

Cyber research is a fast-moving and constantly evolving area of science, and the scope of cyberthreats that countries face is on the rise as malicious actors find new ways to infiltrate weapons systems.

The use of electronic warfare methods and cyberattacks in peacetime illustrates the blurred lines of engagement between nations even in the absence of conflict. According to Norwegian military and NATO officials, Russia persistently jammed civilian GPS signals during NATO’s 2018 Trident Juncture exercise in Europe’s High North region, which highlights the growing threat. In November 2018, NATO Secretary-General Jens Stoltenberg stated that electronic warfare and cyberattacks were increasingly being used in operations.14 It was also reported that NATO officials believed Russia is testing this capability through its large-scale exercises, such as Zapad 2017, which was conducted jointly with Belarus in September 2017.15

According to the Consultative Committee for Space Data Systems (CCSDS), the most common cyberthreats to the space segment, ground segment and space-link communication segment include data corruption/modification; ground system loss; interception of data; jamming; denial of service; masquerade (spoofing); replay; software threats; and unauthorized access.16 There is also crossover between offensive and defensive activities in cyberspace and space, given that – technologically – offence is easier and more cost-effective than defence.17 Furthermore, space-related personnel are vulnerable to cyberthreats. Social engineering is becoming an important tool when used by adversaries, and – whether it occurs deliberately or unwittingly – the potential for people to constitute the weakest link in cyber defence is an increasing reality.18

The nature of cyber activities must evolve from being purely defensive to include active, persistent engagement, in order to disrupt attackers of western critical space-based capabilities. Given the importance of space-based systems to critical infrastructure that supports NATO military capabilities, it would be prudent to assume that an adversary is already active in these networks and focus on resilience measures. This increases urgency for advanced techniques, such as AI and machine learning (ML),19 to identify and respond to modern threats.

Both China and Russia prioritize electronic warfare, cyberattacks and superiority within the electromagnetic battlespace as part of a strategy to achieve victory in future operations. Available doctrine from these nations highlights a key focus on preventing adversarial satellite-based communication systems from impacting their operational effectiveness20 – a focus shared in US military planning and policy.21

Russian space capabilities and their cybertechnologies pose particular threats to NATO. For its navigational system, Russia relies on its own satellite system GLONASS (Global Navigation Satellite System), rather than the US-provided GPS or the EU’s Galileo system. As part of a series of improvements to its communications technology and GLONASS, Russia is designing new navigation satellites, which are claimed to be highly accurate and longer lasting.22 Russia has been testing its capabilities in a hybrid context in Syria and in Ukraine, particularly relying on capabilities for jamming GPS signals to ground remotely piloted aircraft. It is reported to have conducted denial-of-service attacks on radio and telephone equipment, and to have attempted to steal encrypted military data.23

It is likely that several countries – such as the US, Russia and countries within the EU – will in future possess working quantum communications satellites.

China, too, is improving its space capabilities by investing in new areas of research, such as quantum communications satellite technology, which provides a new way to encrypt information transmitted between satellites, increasing the difficulty of hacking information.24 In this regard, China’s Micius satellite, the first of its kind when it was launched in 2016, may eventually be able to provide a quantum cryptography service.25 Other countries are following suit and it is likely that several countries – such as the US, Russia and countries within the EU – will in future possess working quantum communications satellites. The European Space Agency, for instance, signed a contract with Luxembourg-based SES Techcom SA to develop a quantum cryptography telecommunication system (to be known as QUARTZ).26 With this agreement, quantum communications have opened a new dimension in cryptography. Quantum capabilities are likely to make existing asymmetric-based, traditional cryptographic-based protection obsolete. The EU, the UK and the US are all investing heavily in a range of quantum technologies – including communication devices, computers and imaging enhancers.

Vulnerabilities to strategic systems

When analysing risk, understanding system vulnerabilities is as important as understanding the threat landscape. Threats alone would not pose a risk if there were no known vulnerabilities for an adversary to exploit. Similarly, system vulnerabilities would not always result in risk, especially in peacetime, when there is no incentive to attack or infiltrate.

In the military domain, some of the major system vulnerabilities include the use of commercial companies for military purposes; ‘back-doors’ in encryption; and the supply-chain security of satellites.27 This list can also be extended to include physical, personnel and procedural vulnerabilities. Risks also arise from the dual-use aspect of most of the space-related technology – where the technology can be used for both civilian and military purposes. For instance – whether fixed or mobile units – communications satellites and broadcasting satellite services have both civilian and military utility. Similarly, the utilization of satellite imagery capability in the civilian sphere for earth observations, environmental monitoring, and the provision of oceanographic and cartographic data, also extends to the military domain.28 There is an increasing need to apply higher-grade military hardening and cyber protection specifications to civilian capabilities that have the potential to be used in support of military applications.

These capabilities aside, terminals located in ground stations constitute a critical vulnerability, as a terminal is an access point to a satellite and is usually not protected by authentication in order not to hinder operational actions. Terminals house software systems that can be compromised and require patching and upgrading. Moreover, software embedded in weapons systems (such as precision-guided munitions) could also be compromised.

At times, NATO allies procure equipment and software to be integrated into their national defence architecture, which becomes part of the overall NATO capability. The commercial supply chain is embedded in nearly every aspect of military equipment. This may not necessarily be a particular vulnerability, as long as commercial equipment is designed to military standards and is secure. However, if military standards are not met, items procured from commercial industry with design flaws may expose NATO’s systems to additional vulnerabilities.

While the absence of data is easy to detect, the manipulation of data or erosion of confidentiality at such an interface is potentially more difficult to discern.

Civil satellites, operated by private companies, may be used to fulfil specific missions in locations where NATO allies do not have their own space equipment. Ground stations constitute further elements that are relevant for the data flow. From a cybersecurity point of view, each interface could present a vulnerability and could become a weakness, as an interface typically requires manual processes to establish its operation, and/or the administration of the components involved. Adversaries infiltrating ground- or space-based systems could exploit weak software implementation, or the incompatibility of network or data transfer protocols in the chain. While the absence of data is easy to detect, the manipulation of data or erosion of confidentiality at such an interface is potentially more difficult to discern. Vulnerabilities can stem from:

A higher number of data exchange interfaces used between the military and civil sectors;
The fact that each actor has its own isolated view of its data network, protected by its own security standard;
The use of old and proprietary IT hardware and software; and
The failure or inability to conduct regular software updates to remove known vulnerabilities.

In such an environment, it seems difficult to ensure security of the information delivered.

Space-specific risks for the NATO alliance and for key NATO countries

Space systems, which include both satellites and ground stations, as well as related space products and services, provide mission-critical information both for NATO’s member states and for the alliance as a whole. NATO relies on space-based assets for almost all of its operations and missions.29 Some of the critical missions that rely on space assets include: defence of NATO’s territory and the neighbouring regions; peacekeeping missions; humanitarian assistance and disaster relief; counterterrorism; and conflict prevention activities.

NATO does not own satellites. It owns and operates a few terrestrial elements, such as satellite communications (SATCOM) anchor stations and terminals. It requests access to products and services but does not have direct access to satellites, leaving it up to its allies to determine whether they provide access to their satellite capabilities. NATO has established memoranda of understanding with allies for possible use of space products and services.

Originally, in the US, space systems used by the military were separated from commercial and civilian assets in terms of their development and operation.30 One of the reasons for this separation was to protect the military structure against physical and cyberthreats. Military space system safety and security requirements were also higher and more stringent than in the commercial sphere (for example, requirements to invest in survivability enhancement mechanisms in order to resist jamming, or special design approaches for military space architecture). In recent years commercial methods, for instance the capture and analysis of satellite imagery, have been shown to be as effective as military means. As a result, NATO uses a mix of military, civilian, commercial, and national/multinational assets to conduct its operations. The joint use of these assets, however, comes with an acceptance of inherent risk, not only to the countries that provide such capability but also to the alliance as a whole. In response, the European Defence Agency, through its Governmental Satellite Communications (GOVSATCOM) development programme, decided to build an intermediary class of satellites between commercial SATCOM and military SATCOM, with security requirements able to address the needs of critical missions, including crisis management.31

There is increased dependence on space-based systems in modern military engagement. During the US engagement in Iraq in 2003, 68 per cent of munitions were guided utilizing space-based means (including laser-, infrared- and satellite-guided munitions); this percentage had risen sharply from 10 per cent in 1990–91, during the first Gulf war.32 In its operations in Afghanistan in 2001, 60 per cent of the weapons used by the US were precision-guided munitions: these included bombs, missiles, and other weapons, many of which had the capability to correct their own positioning to hit the target, using space-derived information.33

Cyber vulnerabilities undermine confidence in strategic systems; they increase uncertainty in information and analysis, which impacts the credibility of deterrence and strategic stability. Loss of trust in technology also has implications for attribution and strategic calculus in crisis decision-making and may increase the risk of misperception.

This dependency on space-based technology has major implications for the way NATO conducts warfare today, and how it will do so in the future. For instance, in order to conduct precision strikes or earth observation through the use of unmanned aerial vehicles (UAVs – such as military drones), systems rely on so-called ‘beyond-line-of-sight’ (BLOS) communication via satellites – especially in times of crisis and conflict, since ground-based line-of-sight communications are vulnerable to physical attacks. Yet, cyberattacks on space technology or on the UAVs may lead them to misinterpret commands, or to lose contact with the command centre and fail in operation.

NATO currently uses six space-dependent capabilities for its alliance operations and missions:

Position, navigation and timing (PNT)
Intelligence, surveillance and reconnaissance (ISR)
Missile defence
Communications
Space situational awareness (SSA)
Environmental monitoring (weather forecasting)

The core functioning of these six capabilities for NATO operations includes:

Providing communication in military operations and missions, for instance between a commander and their troops;
Providing early warning, through detecting the hot plumes of a ballistic missile launch – thus, increasing the time available to respond to an upcoming threat;
Providing a precise location for targeted strikes;34
Providing imagery of targets, in order to observe, detect and analyse their status (situational awareness);
Providing GPS for weapon guidance;
Providing timing for secure communications; and
Providing space surveillance and tracking.

The table below outlines the key roles for each capability:

Table 1: NATO space-dependent capabilities and their roles

NATO space-dependent capabilities	Role
Position, navigation and timing (PNT)	Provide information for a precision strike. Support targeting information. Synchronize operations. Provide network timing and communication data. Rely on GPS for accurate frequency, timing and synchronization. Track assets and forces. Provide maritime navigation data. For instance, PNT is fundamental for combat search and rescue (CSAR) missions.
Intelligence, surveillance and reconnaissance (ISR)	Intelligence assessment and support threat intelligence. Situational awareness in all four domains as well as space. Targeting information. Signal intelligence (SIGNIT) collection. Intelligence for the electromagnetic environment. Use of ISR visual, multi- and hyperspectral radar imagery for command, control and communication (C3) across core domains. For instance, satellite imagery analysis has been used by military, civilian and commercial organizations to identify North Korea’s nuclear weapons and missile-related activities.
Missile defence	Assess ballistic missile (BM) attacks. Support to early warning and assessment of BM attacks or attacks on space systems. Support to early warning of nuclear detonations.
Communications	Support of command and control (C2) for radio communications. Support communications in all domains. Used for unmanned vehicle operations.
Space situational awareness (SSA)	Explore space debris, space surveillance and tracking. Observe multiple data types and sources on space to achieve awareness. Detect threats to space-borne assets, to astronauts and to Earth. Observe space weather, as it may interrupt services, impact radio signals or damage satellite applications. Outer space-based observation to detect threats from adversary space-based platforms. Ensure integrity of systems in light of the increasing amount of ‘space junk’ or potential adversary space-based weapon systems.
Environmental monitoring (weather forecasting)	Provide weather forecasting, geospatial and maritime information (both space and terrestrial weather). Provide space weather information. Support mission planning and targeting. Support munitions selection. For instance, maps developed in Afghanistan helped to predict future flooding: this information was used both for assisting military operations and for humanitarian assistance/disaster relief cases.35

Identification is another important capability that is used in the NATO maritime domain for coastal tracking, and for identifying and locating ships and vessels. Using automatic identification systems (AIS), data is electronically transmitted between ships and the coastal stations. By providing similar functions, AIS supplements and provides resilience to maritime radar and is fundamental for avoiding collisions.36

NATO’s space-dependent capabilities have individual functions, as described above. These capabilities are also coupled to each other, with complex cross-dependencies, so that the loss of one capability may have a collateral impact on other capabilities. For instance, most of the assets that transmit communications to support command and control are also dependent on GPS for timing and synchronization.37 Although there would be a number of contenders for technologies of utmost importance to NATO missions and operations, preliminary research indicates that PNT signals (which utilize GPS) are a much-needed priority capability in almost all NATO operations.

11 For more information on flaws of probability assessment, please read any article by Nassem Nicholas Taleb.

12 For a detailed explanation, please see Harrison, T., Johnson, K., and Roberts, T. G. (2018), Space Threat Assessment 2018, Center for Strategic & International Studies, https://www.csis.org/analysis/space-threat-assessment-2018 (accessed 27 Mar. 2019).

13 Ibid.

14 Tigner, B. (2018), ‘Electronic Jamming Between Russia and NATO is Par for the Course in the Future, But it Has its Risky Limits’, Atlantic Council, 15 November 2018, http://www.atlanticcouncil.org/blogs/new-atlanticist/electronic-jamming-between-russia-and-nato-is-par-for-the-course-in-the-future-but-it-has-its-risky-limits (accessed 19 Nov. 2018).

15 Ibid.

16 The Consultative Committee for Space Data Systems (CCSDS) (2015), Report Concerning Space Data System Standards – Security Threats against Space Missions, https://public.ccsds.org/Pubs/350x1g2.pdf (accessed 23 May 2019); Livingstone and Lewis (2016), Space, the Final Frontier for Cybersecurity?

17 Baylon, C. (2014), Challenges at the Intersection of Cyber Security and Space Security: Country and International Institution Perspectives, Research Paper, London: Royal Institute of International Affairs, https://www.chathamhouse.org/sites/files/chathamhouse/field/field_document/2014 1229CyberSecuritySpaceSecurityBaylonFinal.pdf (accessed 19 Nov. 2018).

18 It is important to acknowledge that when organizations incorporate into their cyber strategies the significance of personnel in mitigating cyber risks, those personnel may become the strongest link in defending against cyberattacks.

19 Machine learning is a subset of AI. Machine learning approaches in the military domain are currently challenging as they require a large set of information and military applications are either short of data or do not share data with third parties. For more information on artificial intelligence and machine learning, see Boulanin, V. (ed.) (2019), The Impact of Artificial Intelligence on Strategic Stability and Nuclear Risk, SIPRI, pp. 13–22, https://www.sipri.org/publications/2019/other-publications/impact-artificial-intelligence-strategic-stability-and-nuclear-risk (accessed 31 May 2019).

20 Office of the Secretary of Defense (2018), Annual Report to Congress: Military and Security Developments Involving the People’s Republic of China 2018, US Department of Defense, https://media.defense.gov/2018/Aug/16/2001955282/-1/-1/1/2018-CHINA-MILITARY-POWER-REPORT.PDF (accessed 10 May 2019).

21 Curtis E. LeMay Center for Doctrine Development and Education (2012), Annex 3-14 Space Operations, United States Air Force, https://fas.org/irp/doddir/usaf/3-14-annex.pdf (accessed 30 Apr. 2019).

22 Harrison, Johnson and Roberts (2018), Space Threat Assessment 2018; Kurskov, E (2019), ‘New generation satellites to join GLONASS system early 2020’, TASS, 9 April 2019, http://tass.com/science/1052778 (accessed 30 Apr. 2019).

23 Leicester, J. (2018), ‘‘Espionage’: French defense head charges Russia of dangerous games in space’, Defense News, 7 September 2018, https://www.defensenews.com/space/2018/09/07/espionage-french-defense-head-charges-russia-of-dangerous-games-in-space/ (accessed 30 Apr. 2019).

24 Wall, M. (2016), China Launches Pioneering ‘Hack-Proof Quantum Communications Satellite’, Space.com, 16 August 2016, https://www.space.com/ 33760-china-launches-quantum-communications–satellite.html (accessed 28 Dec. 2018).

25 MIT Technology Review (2018), ‘Chinese satellite uses quantum cryptography for secure videoconference between continents’, https://www.technologyreview.com/s/610106/chinese-satellite-uses-quantum-cryptography-for-secure-video-conference-between-continents/ (accessed 28 Dec. 2018).

26 European Space Agency (2018), ‘Space Protons Bring a New Dimension to Cryptography’, https://www.esa.int/Our_Activities/Telecommunications_Integrated_Applications/Space_photons_bring_a_new_dimension_to_cryptography (accessed 28 Mar. 2019).

27 Livingstone and Lewis (2016), Space, the Final Frontier for Cybersecurity?

28 Johnson-Freese (2007), Space as a Strategic Asset, p. 31.

29 NATO (2014), Space Support to NATO Operations: NATO Dependencies on Space, NATO Unclassified.

30 James, Lt-Col. L. D. (1993), DOD Space Systems – Reducing the Cost, Air War College, Air University, Unclassified, www.dtic.mil/dtic/tr/fulltext/u2/a283159.pdf (accessed 10 May 2019).

31 European Commission (2018), Commission Staff Working Document: Impact Assessment: GOVSATCOM, establishing the space programme of the European Union, relating to the European Union Agency for Space and repealing Regulations (EU) No 1285/2013, No 377/2014 and No 912/2010 and Decision 541/2014/EU, p. 4, https://publications.europa.eu/en/publication-detail/-/publication/6204a2f1-6af6-11e8-9483-01aa75ed71a1/language-en/format-PDF (accessed 30 May 2019).

32 UK Parliamentary Office of Science and Technology (2006), ‘Military Uses of Space’, Postnote, Number 273, December 2006, http://www.parliament.uk/documents/post/postpn273.pdf (accessed 30 May 2019).

33 Huiss, R. (2012), ‘Proliferation of Precision Strike: Issues for Congress’, Congressional Research Service, p. 6, https://fas.org/sgp/crs/nuke/R42539.pdf (accessed 10 May 2019).

34 NATO forces rely on GPS for this function.

35 NATO (2014), Space Support to NATO Operations: NATO Dependencies on Space.

36 Morris, B. (2016), ‘AIS versus radar’, Ocean Navigator, http://www.oceannavigator.com/Web-Exclusives-2016/AIS-versus-radar/ (accessed 10 May 2019).

37 NATO (2014), Space Support to NATO Operations: NATO Dependencies on Space.

Previous chapter Next chapter

Topic themes

Defence and security

Economics and trade

Environment

Health

Institutions

Major powers

Politics and law

Society

Technology

Regions

Africa

Americas

Asia-Pacific

Europe

Middle East and North Africa

Russia and Eurasia

Foreign policy and international affairs events

Publications

Become a member

The Queen Elizabeth II Academy for Leadership and the Next Generation

About us