DoD space agency: Cyber attacks, not missiles, are the most worrisome threat to satellites
WASHINGTON — Intelligence agencies and analysts warn China and Russia are developing missiles that could strike U.S. satellites in low-Earth orbit. This will be a concern for the Pentagon’s Space Development Agency, which plans to deploy a network of satellites within range of those missiles.
Derek Tournear, director of the Space Development Agency, said April 14 that SDA has looked at potential threats to its satellites and is less worried about missile strikes than it is about cyber attacks and intrusions into the supply chain.
SDA plans to start launching satellites to space in 2022 with a goal of having hundreds in orbit by 2024 that will be used for communications and missile detection.
These satellites “will not be invulnerable” to ground-based weapons such as ballistic missiles, Tournear said at an online Washington Space Business Roundtable forum. But having a proliferated network of hundreds of satellites, however, makes the system resilient to these type of attacks, he explained.
An adversary would have to launch a barrage of missiles to disable such a large constellation and would face significant retaliation. Tournear also noted that the relatively low cost of SDA’s satellites would make them unattractive targets compared to the more exquisite billion-dollar satellites that DoD has in orbit.
Tournear estimates that it would cost more to shoot down a satellite than the satellite itself, “so we’ve completely changed the equation on that.”
Even if one or a handful of satellites were destroyed, a proliferated network of hundreds could continue to function. A cyber attack, on the other hand, could be devastating, Tournear said.
“Cyber and and supply chain are two threats that I’m concerned about,” he said. Tournear described cyber and supply chain problems as “common mode failures,” which means that even if just a few components or portions of a system are attacked, the whole network would be out of service.
A supply chain attack is a cyber attack that targets the less secure elements in the supply chain.
“So it doesn’t matter if I have one satellite or if I have 1,000 satellites, those type of attacks may have the ability to take them all out,” said Tournear.
“Those are the threats that I’m most focused on, because those are the ones that I think can can have the biggest devastating effect, whereas the other threats, I actually think proliferation gives us significant advantages,” he said.
To defend SDA’s network, the agency is working with other DoD agencies to develop encryption and other security devices for use on satellites. This is a challenge, said Tournear, because they have to be light, small and low power.
“We need high bandwidth crypto units for for these kinds of systems to be able to do that on board,” said Tournear. “That’s a big deal, multi level security so I can do processing anywhere from secret to top secret to unclassified, all on board. That’s a big deal that takes a lot of technology development.”
To reduce the risk of a supply chain intrusion, SDA will work with vendors to make sure they know where components came from. The Pentagon is especially worried about Chinese made components or software being used in U.S. systems that could provide avenues for cyber attacks.
“As I mentioned, supply chain was one of my main concerns,” said Tournear. “That’s not only just the robustness of the supply chain to ensure that I can get the parts but also to make sure that I can validate the provenance of the parts once I get them.”
SDA will accept bids from non-U.S. vendors but will require domestic vendors to supply certain critical components like flight computers, he said. “Understanding the provenance of the supply chain is a big concern so we’ll weigh that heavily when we do any selections.”