President Trump recently signed a Space Policy Directive (SPD) to protect American space systems from cyber threats.
At first glance, you might read cyber threats in space and think, "What, space cyber threats? Are we talking aliens?" No, the answer is not aliens. These threats are coming from our home planet, and they are indeed very real.
Why does cybersecurity in space matter?
The United States believes that the freedom to operate in space is vital for the U.S. and the world.
Space systems provide a wide variety of important functions that we rely upon in our everyday lives. They are one of the main reasons we have excellent communication around the globe, GPS navigation to guide us, rapid scientific observations, and a strong national defense. If our space systems fail because of a successful cyberattack, it could mean serious consequences.
The White House says the new space security policy, named SPD-5, advances the goals of previous policies—such as the National Security Strategy, the National Cyber Strategy, and SPD-3—to further ensure the U.S. has the freedom to operate in space.
These three policies all use similar language in that the U.S. will do whatever it can to protect its assets in space while working with industry experts to enhance the cyber resilience of space systems from malicious threats.
Some of these malicious threats include corrupting sensor systems, jamming or sending unauthorized commands for guidance and control, and denial-of-service (DoS) attacks.
Let's take look at specific items within the new space cybersecurity policy.
5 key principles for space systems cybersecurity
The White House specified five essential principles for space systems cybersecurity. Here is the list:
1. "Space systems and their supporting infrastructure including software, should be developed and operated using risk-based, cybersecurity-informed engineering."
2. "Space systems operators should develop or integrate cybersecurity plans for space systems that include capabilities to: protect against unauthorized access; reduce vulnerabilities of
command, control and telemetry systems; protect against communications jamming and spoofing; protect ground systems from cyber threats; promote adoption of appropriate
cybersecurity hygiene practices; and, manage supply chain risks."
3. "Space system cybersecurity requirements and regulations should leverage widely-adopted best practices and norms of behavior."
4. "Space system owners and operators should collaborate to promote the development of best practices and mitigations."
5. "Space systems operators should make appropriate risk trades when implementing cybersecurity requirements specific to their system."
In a time when so much is uncertain, it is very important to have established cybersecurity for our most critical assets, and a lot of those assets are out in space.
For more information on the subject, check out the Comprehensive Cybersecurity Policy for Space Systems (SPD-5).
[RELATED: NASA's 9 Cybersecurity Priorities vs. Yours]