Red Balloon Security White Paper

ย 

Defending From Within: Why Embedded Systems Are the Essential to Achieving Space and Satellite Cybersecurityย 

Table of Contents:

ย 

Executive Summaryย 

ย 

State of Cybersecurity in Space and Satellite Systemsย 

The Global Landscape 3 Shaping a Safer Futureย 

ย 

RedBalloonSecurity

Investigationsย 

CyberLeo 2022ย 
Defend from Within: Symbiote

Embedded Defense for Satellite Base Station Systemsย 

NyanSat (https://nyan-sat.com)ย Binary Analysis and Exploration with FRAKย 

ย 

About Red Balloon Securityย 

Red Balloon Security Offerings: Defend From Withinย 

Contact Detailsย 

Executive Summary:

Ensuring the cybersecurity of ground stations, communications, and satellite vehicles is one of the most pressing challenges facing the private and public sectors. At a time of tremendous industry growth, it is more imperative than ever that we secure every segment of satellite systems and protect the personnel who depend on their accuracy, speed, and reliability.

ย 

The Ukrainian conflict has amplified serious questions about cybersecurity at every link in aerospace deployments. Now is the time for manufacturers, governments, and security providers to align with each other on solutions.

ย 

Red Balloon Security identifies three messages for shaping a safer future for the space infrastructure:

ย 

1. Donโ€™t miss the threat on the ground for the threat in space.


2. End users, manufacturers and security experts must collaborate on advanced solutions.

3. We must expand regulations to cover embedded systems.

ย 

Red Balloon Security has built up satellite and aerospace expertise over more than a decade of governmental and commercial engagements, in which weโ€™ve assessed all types of equipment and helped government and industry decision-makers to anticipate and defend against the most serious cyber threats facing our satellite fleets. Our core embedded defense technology, Symbiote, has been deployed by DARPA, the DoD, and DHS, while our experts have contributed to red vs. blue simulations that highlight insecurity in satellite systems โ€” and frequently propose solutions for safer space deployments.

ย 

There is still time to get aerospace security right, but the longer commercial and government interests wait, the harder it will be to rectify insecure architecture in satellite constellations. To paraphrase a sage from another era, โ€œThe best time to plant a tree was 20 years ago.โ€ The next best time to address satellite cybersecurity is now.

State of Cybersecurity in Space and Satellite Systems

The Global Landscape

ย 

A residual effect of war in Ukraine is that cybersecurity is no longer a sideshow in aerospace, if 2022 space-related trade events are any indication. The conflict has raised awareness and concerns about the security of every link in aerospace deployments. Now is the time for manufacturers, governments, and security providers to align with each other on solutions.

ย 

Although the initial Russian invasion did not lead to the unrestrained cyber warfare that many people feared, a February 2022 disruption of a satellite network, which was not restricted to Ukraine, added urgency to many conversations. However, while the space industry understands and puts a lot of thought in satellite security, it often lacks actionable next steps. The prevailing sentiment is that bad cyber actors have a jumpstart on governmental and operators and equipment manufacturers.

ย 

This is problematic on two levels. Aerospace and satellite deployments are mission-critical and indispensable to the growth of many industries and technologies. At the same time, their attack surfaces have also greatly expanded โ€” and without corrective action, security controls will be bolted onto future designs in an insufficient manner, rather than being built into them with foresight and efficiency.

ย 

The projected expansion of satellite deployments provides a unique opportunity to build mature security solutions into government and commercial deployments. We can expect an exponential increase in the number of Low Earth Orbit (LEO) satellites, as well as the emergence of small GEO satellites. This means more methods of connectivity, in space and on the ground, and a corresponding increase in opportunities for cyber malfeasance. But it also gives system architects the chance to capitalize on a decadeโ€™s worth of advances in cybersecurity technology, and to launch hardened, new constellations โ€” provided we take a proactive approach to investment and collaboration.

ย 

Shaping a Safer Future

ย 

To help stimulate innovation and partnership, we identify three messages that should gain traction in 2022 and beyond:

ย 

1. Donโ€™t miss the threat on the ground for the threat in space

Much attention has been paid to the threat of signal jamming or spoofing directed at satellite vehicles, which could lead to collisions or disruption of internet access in vital industry or governmental communications. But dangerous cyberattacks can focus on any part of a satellite network, including multiple devices that support satellite base stations and communications hubs. These assets on the ground can be accessed remotely, or in many cases physically, since they often are in isolated locations with variable perimeter security.

ย 

The objective of such attacks could also be the compromise or destruction of land-based equipment, as seems to be the case with the Viasat/KA-SAT attack, which temporarily disabled thousands of modems in several countries. Viasatโ€™s analysis indicates the attacker began by exploiting a VPN device misconfiguration, gained remote access to a segment of the company network, and then sent management commands to thousands of modems at once, which overwrote flash memory and temporarily knocked the modems offline. It was a consequential strike that required no knowledge or exploits of a satellite vehicle.

ย 

2. End users, manufacturers and security experts must collaborate on advanced solutions

The impressive growth of commercial aerospace and satellite deployments complicates efforts to elevate industry security standards. As more business opportunities are built out and scaled, we can expect more players to enter the space, and more reliance on increasingly complex supply chains โ€” both of which will elevate cyber risk. The days in which a few established private sector enterprises supplied technology and devices to a few dedicated clients, each of which was a branch of the government, are past.

ย 

Given this new reality, collaboration around industry standards will be essential to satellite network security. As more companies move in, itโ€™s critical that established players advocate and fight for high-security standards that reflect the current threat climate. This can help establish benchmarks that elevate current standards, promote accountability, and incorporate security solutions for devices and systems.

ย 

The U.S. government will remain hugely influential, due to the power of its purse, decades of aerospace engagement, and history of collaboration with industry leaders. It can actually incentivize commercial suppliers to invest in advanced security controls by demanding them โ€” and it most certainly should do so.

ย 

There is also a need for rigorous testing of new security deployments in controlled environments, such as red vs. blue exercises. These can provide training for military operators and opportunities for them to work with device manufacturers to integrate security technology with new and legacy satellite communications equipment. Ideally, this training should include commercial equipment manufacturers, equipment operators, and security experts. Securing space will require a highly collaborative, multi-disciplinary approach: No one body of experts has all the answers.

ย 

3. We must expand regulations to cover embedded systems

Government regulators have had timely responses to emerging satellite communications network threats. In the first months of 2022, CISA issued two alerts (one in collaboration with the FBI) for service providers and customers, while NIST pushed to update its guidelines for satcom cybersecurity risk management.

ย 

Although welcome, these documents focus on network-based security controls that are essential, but not sufficient to meet current threats. Like other recent directives, they do not adequately address security challenges in embedded systems and the devices that support them. What guidance there is focuses on network controls: also essential, also unable to provide a comprehensive security posture.

ย 

For decades, security policy has exempted special purpose and embedded systems as being too difficult to secure while maintaining real-time performance. It is time for policy to catch up with technology and mandate the levels of security controls that are now feasible for aerospace, and many other industries.

Red Balloon Security Investigations

As a leading cybersecurity research and technology firm, Red Balloon Security has undertaken multiple investigations of satellite system devices, communications protocols, and their security postures. The company has disclosed multiple vulnerabilities to device manufacturers, and has worked closely with teams in the U.S. Department of Homeland Security, Air Force and Department of Defense to develop security hardening solutions across satellite systems.

ย 

CyberLEO 2022

Red Balloon Securityโ€™s CEO and founder, Dr. Ang Cui, joined the advisory board of CybeLEO in 2022 to promote security solutions across commercial and US government satellite systems. CyberLEO 2022 focused on the urgent need to protect expanding satellite constellations from existing and evolving cybersecurity threats.

ย 

During the conference, Red Balloon Security presented several demonstrations, one of which included the injection of a firmware implant directly into the firmware binary of a commercial satellite modem. The firmware implant was designed to be stealthy and kick in during the modemโ€™s boot process. It created a communication channel and acted as a pivot point from the ground station to the space assets. In particular, the implant enabled communication with a reaction wheel inside a mock CubeSat, and enabled telnet control for Command and Control (C2) operations, which included sending malicious commands that arbitrarily control the CubeSatโ€™s navigation.

ย 

These explorations uncovered the importance of holistic platform security for all devices involved in a satellite system, on the ground and in space. Such firmware implants, if they go undetected, have severe consequences for ground control and space equipment: Compromised firmware can result in loss of functionality of the equipment, destruction of the equipment, and even loss of life in the event of orchestrated space collisions against manned missions.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.