From Cyber to Outer Space: A Guide to Securing Commercial Satellite Operations

The objective of the ENISA space threat landscape is to recommend cybersecurity controls and mitigation strategies for a trustworthy and uninterrupted deployment of commercial satellite systems and architectures. Such controls and strategies are the result of the identification and assessment of both current and emerging threats and vulnerabilities faced by the space sector.

Juhan Lepassaar, Executive Director at ENISA, stated: “The commercial exploitation of space has become the backbone of key economic activities. Digital threats in space are therefore highly critical. Besides, their cascading effect also has the potential to induce geopolitical tension. This is why commercial satellites must be cyber secured at all cost.”

Why does space cybersecurity matter?

Commercial satellites are integral to a wide range of services we enjoy in our everyday life. They operate by transmitting and receiving data over extremely long distances and can also ensure reliable internet connectivity. 

The services commercial satellites provide cover telecommunications, financial transactions, cable and network television and use of GPS for navigation. They also enable the monitoring of land and water resources, weather forecasts or the remote management of critical infrastructures. Satellites are therefore key assets of our economy.

Because they are connected to the daily operations of our digital world, they can be the target of cybersecurity threats and/or be impaired by vulnerabilities.

In 2022, the Viasat satellite hack shut down tens of thousands of modems across Europe. Several countries were impacted, with widespread disruptions of communications and emergency services as well as other related economic activities. The cascading effect of cybersecurity incidents on satellites can stretch the attack surface beyond both sectors and borders.

Besides, the number of satellites placed into orbit every year is growing exponentially. With a current average of 2800 satellites launched yearly, the potential for harmful effects of any loss of capability is much increased. Space assets are further exposed to cyberattacks by developing trends such as software-defined satellites, the use of off-the-shelf and open-source hardware and software components, and the development of quantum technologies.

In addition, even if the commercial use of these technologies is intended to support civilian services, any such space object could be weaponised and targeted as part of geopolitical warfare. As a consequence, addressing the risks and threats faced by the space industry in a comprehensive way has become urgent.

The Space Threat Landscape report in a nutshell

The report includes an overview of the satellite lifecycle model and actors, of asset taxonomies and of space threats. In addition, a risk assessment analysis was performed using four risk scenarios to address the threats identified in the threat taxonomy. Finally, the report provides an extended cybersecurity control framework tailored to the needs of commercial satellite operators. This framework, composed of a total of 125 items divided into 35 sub-categories, is to be found in the report’s annexes.

To facilitate practical implementation, the framework data are provided in a structured, digital format, alongside an interactive tool for exploration and analysis. 

All resources are available via GitHub: https://github.com/enisaeu/Space-Threat-Landscape

Threat actors targeting space systems or objects include state-nexus actors, cybercrime and hacker-for-hire actors, private sector offensive actors (PSOA), and hacktivists or civil activists, among others.

Main threats include:

  • Jamming;
  • Hijacking;
  • Computer Network Exploitation.

Main recommendations include:

  • Information sharing and reporting: timely awareness of vulnerabilities;

  • The introduction of minimum industry standards based on “security by design” and “security by default”;

  • Ensuring robust supply chain security as provided for by the NIS2 Directive to implement stricter controls throughout the supply chain lifecycle;

  • Analysis and testing before introducing components into the production environment;

  • Deployment of effective, validated and tested encryption measures.

The report is also intended to pave the way to a comprehensive cybersecurity strategy and legislation for the sector tailored to protect public interests without hindering performance and innovation.

How does legislation help to cyber secure satellites?

In Europe, the NIS2 Directive includes space among the sectors of high criticality because of the wider reach that space operations may have. Indeed, the cascading effect of a cyberattack is likely to cause collateral damage across sectors and beyond borders, both within the EU and around the world. The risks are extended even further as the space sector also encompasses operators of ground-based infrastructures in support of space-based services as well as telecom operators.

Satellite operators are governed by national rules and regulations. However, the whole sector now needs to abide by a high-level set of obligations pertaining to the cybersecurity aspect of the equipment operated.

To meet this objective, the EU Space Strategy for Security and Defence was adopted in 2023. As a result, an EU Space Information Sharing Analysis Centre (EU Space ISAC) was established in 2024 to improve collaboration and information sharing. ENISA has an observer role in the EU Space ISAC.

In the meantime, the Cyber Resilience Act (CRA) is expected to have a significant impact on the development, operations and decommissioning of space systems. This is because the regulation is driven by the objective to have all products with digital elements placed on the EU market comply with binding cybersecurity standards applicable throughout their lifecycles.

The European Cooperation for Space Standardization (ECSS) also released a number of technical standards and guidelines in July 2024. 
