Starlink and other low-Earth orbit constellations face new security risks
Russia’s invasion of Ukraine in 2022 really threw Ukrainian communications into a tailspin: Shortly before the invasion, Russian hackers disabled Viasat satellite ground receivers across Europe. Then entrepreneur Elon Musk stepped in and offered access to Starlink, SpaceX’s growing network of low-Earth orbit (LEO) communications satellites. Musk soon reported that Starlink was suffering from cell phone jamming attacks and software countermeasures.
In March, the U.S. Department of Defense (DOD) concluded that Russia was still trying to block Starlink, according to leaked documents from U.S. National Guard pilot Ryan Teixeira seen by The Washington Post. According to the “Defense One” website, the Ukrainian military also blamed the Starlink problem on Russian gps jamming. If Russia blocks low-Earth orbit constellations, this will be a new height in the silent war between space and earth communications.
“There’s really not a lot of information about it,” said Brian Weeden, program director at the Secure World Foundation, an NGO focused on space governance. However, Weeden added, “My sense is that Starlink is harder to jam or interfere with [than GPS satellites].”
LEO satellites face new security risks
Regardless of their altitude or size, communications satellites transmit more power and therefore require more energy to jam than navigation satellites. However, low-Earth-orbiting satellites orbiting the Earth at altitudes of 2,000 kilometers or less switch frequently, which “results in delays and creates more interference” than large geostationary satellites, said Mark, professor of data protection and data protection. Mark Manulis said. Applied cryptography at the Cyber Defense Institute (CODE) of the Bundeswehr University Munich.
Security and communications researchers have mostly studied defenses and countermeasures behind closed doors, but several publications and open-source research have revealed how unprepared many low-Earth orbit satellites are for a direct attack, and what defenses may be needed for future low-Earth orbit satellites.
For years, private companies and government agencies have been planning low-Earth orbit constellations, each with thousands of satellites. For example, the Department of Defense has been designing its own network of low-Earth orbit satellites to complement its more traditional geostationary constellation for more than a decade and has begun awarding contracts to build it. University research groups also launch miniature standardized CubeSats (CubeSats) into low Earth orbit for research and demonstration purposes. This proliferation of satellite constellations coincides with the emergence of off-the-shelf components and software-defined radio—both of which make the satellites more affordable, but perhaps less secure.
Russian defense authorities have commissioned a system called “Tobol” to counter jammers that could interfere with Russian satellites, journalist and author Bart Hendricks reports. This means that either Russia can deliver jamming signals to satellites, or it suspects that its adversaries can.
Many agencies and organizations launching the latest generation of low-cost satellites have yet to address the biggest safety issues they face, researchers write in the 2022 Low Earth Orbit Safety Report. This may be because one of the lures of low-Earth orbit is the relatively cheap ability of new hardware to handle smaller tasks.
“Satellites are getting smaller and smaller. Their purpose is very clear,” said Ijaz Ahmad, a telecommunications security researcher at the VTT Technology Research Center in Espoo, Finland. “Less resources are devoted to computing power, processing, and storage.” Lower computing power means less encryption capabilities and a lower ability to detect and respond to outages or other proactive outages.
The rise of software-defined radio (SDR) is also making it easier to deploy hardware for new missions, including the ability of small satellites to cover multiple frequency bands. “When you make it programmable, you provide some kind of remote connection to that hardware so that you can program it. But if you ignore the security aspect, there are serious consequences,” Ahmed said.