Space has proved to be one of the most commanding yet insecurely required territories of modern strategic life. Widely used as a passive aiding communication and navigation system, it has now expanded to the heart of the military command network, financial infrastructure, flight safety, and real-time worldwide decision-making. This security architecture, however, has not kept up with this system. This disjunction ceases to be the hypothetical one. It is quantifiable, provable, and more exploitable.
The Growing Vulnerabilities of Satellite Systems
As a recent empirical research study of the University of Maryland and the University of California, San Diego, discovered, nearly half of the examined geostationary satellite communications were left bare, or those that were encrypted applied lax cryptographic standards. A large diversity of transmissions could be captured by the researchers, such as mobile communications, tipping their aviation communications, and sensitive operational communications with comparably inexpensive commercially available devices: only several hundred dollars. This finding is significant not only because of what it investigates but also because of what it proves: it is not the exclusive reserve of highly endowed intelligence agencies that intercept satellites. Entrance costs have been minimized.
The core of the problem is in the restless technological changes. The satellites have numerous ancient encryption systems that were not initially developed to be used in a cyberspace battle. Others are built on cryptographic keys that are so simple-minded as to be brute-forced in operationally relevant time frames by modern computing systems. In comparison, contemporary secure communication is expected to rely on such criteria as computational exhaustion can exist in theory. It is not a linear difference but is exponential. It is what determines whether the data gotten can be converted to actionable intelligence or just useless noise.
Nevertheless, there are several other forms of bringing down satellite systems other than encryption. It propagates on three interconnected risk planes, like interception of communications, denial of service through jamming, or spoofing of telemetry and control systems. These threats are no longer so abstract possibilities. They are archaic methods as a whole in the arsenal of counterspace operations, which involve both kinetic and non-kinetic methods of disrupting or rendering space objects useless in an effort to gain a strategic edge.
Physical destruction of satellites, either by direct ascent or co-orbital systems, is a kinetic measure, an extension of the organizational measures, whereas electronic warfare, laser-based interference, and more contemporary cyberattacks on the digital infrastructure of space systems are non-kinetic measures. This is not the only type of cyberattack related to mere disruption. It is a focused attempt at hacking into, altering, stealing, or spoiling the information within the computerized space networks. Most of them are preceded by cyber intrusions that silently offer gateways through which the attackers would achieve persistence using malware such as backdoors, trojans, ransomware, or wiper tools that would purposely cause lasting damage to the system.
Cyber-Space Convergence and Legal Ambiguities
The most disruptive element of this convergence of space and cyberspace is that the political organizations of rule have never kept pace with the realities of its operations. International law and policy continue to gravitate towards treating space security and cybersecurity as separate fields, despite their highly technical interdependencies with one another. The satellites are completely dependent on the cyber infrastructure to pass commands and their information, but the cyber systems are also highly dependent on the network of satellites to give global connectivity and continuity of operations. Structural interdependence means that a cyber attack would simply evolve into a space disruption, and likely the other way around; a space breach will lead to a cascading effect of cyber and physical assaults on the planet.
The attribution is one of the critical issues that has not been resolved yet. Space systems attacks are improbable to detect due to highly uncertain readings and the element of undeniable plausible deniability, giving the attacker a green light to continue with its activities, thus impeding deterrence strategies. This is compounded by the dual nature of most satellite systems that simultaneously carry out missions as both civilian and military in several jurisdictions.
The civilian objects fall under international humanitarian law, which has barred the targeting of civilian objects except in cases of extreme situations of necessity and proportionality, where dual-use systems may be considered as legitimate military targets. However, in the instances where the satellite infrastructure is stationed to cater to both civil infrastructure and military operations simultaneously, it turns out to be terribly ambiguous how to frame the boundary as to what would be deemed legitimate targeting.
The second difficulty in adding to this ambiguity is the matter of neutrality. Third-party states may be indirectly affected by a war over space systems because of satellites that they do not control but depend on. As part of the planet attracting privatizers of most of its satellite networks, the long-standing premises of state neutrality are becoming increasingly difficult to implement.
Governance Gaps and Policy Challenges
Even with international efforts at resolving these issues through the use of United Nations mechanisms, the Groups of Governmental Experts and the Open-Ended Working Groups on cyberspace and space security have led to a single institutional division between the two processes, as a result of which a problem of fragmentation has been intrinsic. The likelihood of an overlap of cyber and space governance is getting more and more accepted as the topic of discussion, yet there has never been a coherent model to address the hybrid threats, which occur in either of the control spheres simultaneously. It forms one of the biggest gaps in the contemporary security framework of governance.
The second major gap is that there is involvement of a hybrid conflict attribution in the condition. Spacesuit: Current paradigms are based on the assumption that cyber events are linear in character, but in an actual sense, space-cyber events are non-linear, multi-layered, and have a predilection to go through commercial and transnational space. This makes the classic attribution models inefficient with regard to the capacity of making decisions that are crisis-based, decisions in which speed and knowledge are key.
The third gap in ISS concerns the case of the presence of dual-use cyber conflict satellite systems. Though there is a conceptual foundation of addressing the matter of dual-use objects relative to international humanitarian law, it is still deficient in providing operational information on how the satellites, which also provide civilian and military data streams, should be handled. This raises questions about when such systems may be deemed legitimate military targets without violating the doctrine of proportionality and distinction.
The fourth gap is that there is no empirical modeling of cyberattack propagation in space architectures. Knowledge of the nature of malware used in cyberattacks is not new, although there is a dearth of quantitative data to support the cascade effect of such malware in order to scale to satellite-ground-space systems and the degree to which such malware can be deployed to disable the operational functionality of systems interdependent on one another.
Finally, it is an institutional gap in governance realms. Planning of space and cybersecurity is at low levels of integration, concurrently in international processes, yet there is an increasing convergence of operations. This fragmentation is limiting the initiative to establish stable norms to address hybrid threats and slow down the development of relevant international reactions.
Toward an Integrated Approach
These holes are heralding a pressing research and policy agenda: the need to perceive space and cyberspace not as different spaces, but as one integrated system of functioning. The future lies in transitioning to unified models of attribution that include the aspects of cyber forensics and orbital telemetry, quantitative modeling of the resilience of satellite cyber systems in the context of multi-vector attacks, and, more clearly, specification of the protection of dual-use satellites in the combined reality.
The bigger idea is that it is no longer possible to believe that the security of assets in orbit can be referred to as simply satellite security. It is about maintaining stability in a system where the influence of digital intrusion may have tangible results and a capacity to modify the flow of terrestrial choices in real time by bringing about orbital disengagement.
Whether they can be compromised or not is no longer the biggest issue of the day when it comes to satellite systems; they already are. The issue is not whether global governance, legal architecture, and strategic doctrine will evolve in time to contribute to these susceptibilities becoming the antecedents of the systemic instabilities. It may not even be noticed that there is the first wave of the next war because it happens in the new security environment. It may begin with no noise at the invisible level of the interface of cyberspace and circle.
If you want to submit your articles and/or research papers, please visit the Submissions page.
To stay updated with the latest jobs, CSS news, internships, scholarships, and current affairs articles, join our Community Forum!
The views and opinions expressed in this article/paper are the author’s own and do not necessarily reflect the editorial position of Paradigm Shift.
Rimsha Malik is currently serving as an Associate Research Officer at the Centre for International Strategic Studies (CISS), AJK. She is a gold medalist in International Relations, with a strong academic foundation in strategic and security studies.
