NEWS FROM SPACE SYMPOSIUM: New Information Sharing Center to Track Threats to Space Systems
Image: KratosCOLORADO SPRINGS, Colo. — Alarmed at increasing threats to space-based assets, industry members on April 8 announced the establishment of a new organization to thwart attacks on satellites and ground stations.
The creation of the Space Information Sharing and Analysis Center (S-ISAC) was announced on the first day of the Space Symposium in Colorado Springs, Colorado, during a classified session.
Frank Backes, senior vice president of Kratos SATCOM Products and Federal Space Solutions, will serve as the acting president of the Space ISAC. Kratos is the founding member of the center and will provide initial funding and support to kick off the endeavor.
ISACs are sector-specific, member-driven organizations stood up by the government to collect, analyze and disseminate all-hazards actionable threat and mitigation information to asset owners, operators and members. They have already been established in 18 different sectors such as financial services, health care, nuclear energy and aviation.
“What was determined by the government last year was that every single ISAC that exists today is dependent on space as an infrastructure component,” Backes told National Defense. Once officials realized this oversight, they asked Kratos to set up the new center. Kratos is a mid-tier contractor that works in both the military and commercial space sectors and is involved in space-based technologies as well as the terrestrial terminals and ground-control stations that connect them, he noted.
The Space ISAC will be housed within the National Cybersecurity Center in Colorado Springs. Backes expects it to be up and running by this summer. About 10 companies have expressed interest so far. A website where other companies can sign up was expected to go live after the April 8 announcement.
Satellites and their supporting systems are seen as increasingly vulnerable to cyber assaults. The Center for Strategic and International Studies — in an annual Space Threat Assessment Report released April 4 — said while it does take a certain amount of sophistication to mount a cyber attack on a satellite, it doesn’t take a lot of resources. Landlines, ground stations and terminals are all potential entry points, the report said.
Attackers can steal or corrupt data or possibly take control of a satellite to shut it down and render it useless, said the report, produced by the think tank’s Aerospace and Security Project.
China, Russia, Iran and North Korea are among the nations that have some capacity to launch attacks against space-based assets through a network or other means, the report said.
“Accurate and timely attribution of a cyber attack can be difficult, if not impossible, because attackers can use a variety of methods to conceal their identity, such as using hijacked servers to launch an attack,” the study said.
Backes said the Space ISAC will gather reports about all kinds of threats to space systems and their terrestrial infrastructure. According to the CSIS report, those may include anti-satellite weapons, jamming, laser-dazzling and spacecraft that can maneuver in close proximity to other satellites and possibly sabotage them.
“You also have with all space assets an entire ground infrastructure that can also be compromised or targeted,” Backes said.
If a member company detects a threat, it can send a report about what happened to the center, which will analyze the incident, then disseminate an official report to the other members about what happened and possibly suggest ways to protect against future attacks, Backes said. It does this without revealing the identity of the company that reported the incident.
“When you’re dealing with multi-billion dollar, publicly traded companies, how you communicate information of this type is extremely sensitive,” Backes said. “The whole idea behind this is to increase everyone’s security, not to end up pointing fingers at any particular company or its systems.”
The ISAC also creates a way for the government to interact with industry when it has classified or unclassified intelligence about threats that it wants to share. “It’s one of the reasons ISACs exist. It allows communications to move back and forth between the two sides,” Backes said.
Kratos will coordinate the organizational planning and federal government charter, fund the startup costs, and develop the center’s operational plan. The website for interested companies is www.s-isac.org.