Probably what comes to mind most often when talking about the space economy is travelling on board a rocket. Like what Elon Musk, Jeff Bezos and Richard Branson have done and would like to offer with their specifically founded space companies. Those trips, however grandiose (and expensive), are but a small part of an industry worth hundreds of billions of dollars. So new and growing that it is hard to calculate.

If Eurostat has launched an initiative to define the statistics to put a value on it, the Space Foundation estimates about 600 billion reached in 2023. This is not thanks to the rockets, but to the satellites: over 8,000 objects orbiting the Earth, half of which are active and on which our daily lives also depend. Because if ours is already a space economy, it is also somewhat of a space society. 

And from astronomical space to cyberspace, the step is shorter and more dangerous than one can imagine. We talked about it with Matteo Lucchetti, director of Cyber 4.0 (in the photo below, En) the highly specialised National Cybersecurity Competence Centre promoted and financed by the Ministry for Economic Development to accompany companies and public administrations towards secure digitisation.

Why are satellites at risk and what does this mean for us?

“Essential components of our life on Earth depend on those few thousand objects. Planetary observation tools are fundamental for several critical systems: from finance to agriculture, from transport to intelligence. A significant part of the data connection of our smartphones and the Internet of Things is thanks to satellite transmissions. Hardly an average citizen could imagine a week without weather forecasts and driving directions. Space is in fact an economic domain and has become so thanks to services we have discovered. Useful but also vulnerable. That is why a successful cyber attack could have significant repercussions on our lives.”
 

In the past, has a cyber attack targeting satellite systems ever caused great damage?

“Of course, the day of the Russian invasion of Ukraine. We all know that a major attack hit the network of Viasat, a US company that provides Internet connection infrastructure to governments, including that of Kiev. It compromised army communications and facilitated the entry of enemy troops, endangering or destroying the lives of entire cities. The attack also had repercussions elsewhere: in Germany, an energy company that operates over 6,000 wind turbines was also hit. Subsequent investigations established that this was an operation set up in Moscow. In that year alone, 2022, according to the Ukrainian National Cyber Security Coordination Centre, the country suffered approximately 4,500 attacks: three times as many as in the previous year. Besides these high-profile cases, attacks are happening constantly all over the world and always more frequently.”
 

What is the reason for such a significant increase in cyber threats to satellites?

“It is simple: it is due to the fact that the sector is experiencing a recent and very strong expansion. We have about 8,000 active satellites, 84% of which are in low orbits. Most are small, even as small as a shoebox, used for quick communication. Ninety-five per cent of all launches now involve such objects, and this is no coincidence: the increase in services requiring the use of satellites is mirrored by a reduction in production and launch costs. So much so that even private individuals, unlike in the recent state-dominated past, can afford massive investments. Today, we are at the point where almost half of the systems currently in orbit are owned by Elon Musk’s company, Starlink. Satellites proliferate and so do cyber attacks against them. Clearly, satellites intended for defence purposes are by definition the most secure, but the same is not necessarily true for other government satellites, which may (or may not) be as secure as commercial ones.”

So, what types of attack are possible?

“To carry out operations in space we need an infrastructure composed of three segments. The first is space, where satellites, probes and similar devices are located to perform their functions. The ground segment, basically represented by the systems to receive the data sent, is connected with these. Instead, they are managed by the employees of the so-called ‘user system’, which uses a normal company network with email, Intranet and so on. Each segment has its own vulnerabilities. While the ground segment requires complex attacks, launched mainly by state actors, the user segment remains a favourite target for classic hackers and their ransomware (ransomware threats).”

Are some sectors more affected than others?

“The most threatened sector is clearly the government sector, starting with defence services, which, however, are also the most protected. The manufacturing industry does not sleep soundly: small, low-tech and poorly trained companies are ideal for attacks aimed at the user segment with classic phishing emails. Nor should we forget the health sector, which is based on patients' private data that are often stolen and returned after ransom is paid. This tells us that, in addition to the cyber soldiers activated by intelligence and armies for operations such as the Viasat network used in Ukraine, hacker groups interested not in weakening a sovereign state but in their own economic gain are also active in the space sphere.”

Geopolitical implications are important, how are they being addressed?

“Partially. On the European side, Margrethe Vestager, Executive Vice President of Europe Fit for the Digital Age, called our space activities ‘crucial for the functioning of our society and economy’. The Commission and the High Representative presented a joint communication for a European space strategy for security and defence, which could be the prelude to a space law that is high time we had. Minister Adolfo Urso, as president of Copasir, spoke of space as ‘the new battleground’, and NRRP funds have been earmarked for the protection of Italy's important space industry, one of the world's leaders. After the Russian invasion of Ukraine, Italy also entered the eye of the storm. It was among the most attacked countries in the world between 2022 and 2023, due to the support given to Zelenski's government and the vulnerability of its productive fabric, made up mostly of SMEs that are not always up to speed in terms of skills and technology.”

What can be done to defend oneself from and above all to prevent attacks?

“You always act on three components: people, process, technology. The first thing is to prevent the manager or employee from being the first to open the door to attacks. Also, the management of the supply chain is not to be underestimated, choosing suitable, certified and adequately protected suppliers. Finally, the mantra that underlies everything in terms of preventing cyber attacks: security by design, not plugged-in. That is, having technologies and software designed upstream to reduce vulnerabilities and prevent threats. Clearly, a push from the governments is needed, in terms of funding and awareness-raising. In this, our Cyber 4.0 centre offers companies and the public sector, advisory and training services, assessment and so-called test-before-invest for cyber security, and finances research projects, not only in the space field. The aim is to develop skills and innovation, also through the important tool of calls for tenders. For space applications, we have already launched a call for industrial research and experimental development projects, and are now in the awarding phase. At the end of February 2024, a second one will start and we hope for an even greater response.”