Op-ed | If hackers cripple your satellite, are you covered? Don’t count on it.
As the space community gathers this month in Paris for World Satellite Business Week, we have an opportunity to discuss risks in space. While traditionally we talk about solar flares, anomalies and space debris, increasingly risks in space include cyber risks that have repercussions on the ground. Satellites deliver communications, information and entertainment to billions of people every day. While we think of these satellite-delivered services as disconnected from the internet, in many instances we are talking about the ability to deliver the internet and related communications services to those billions on the ground. The risks are inherently interrelated.
Admittedly, it would take significant physical resources to take command of a GEO satellite 26,000 miles above the Earth, but if communication were established, the satellite’s onboard control systems and software – which may be up to 15 years old – may certainly be vulnerable to newer hacking techniques and technologies. Nor is it anymore inconceivable that interested parties may actually be willing to bring to bear the necessary resources to execute such an effort to bring down satellite communication systems at a massive scale. Similarly, the ever-increasing number of cubesats, with their less sophisticated systems and lower orbits, means there are many more potential targets with a potentially even greater cumulative impact.
A hacked satellite could be impaired in any number of ways. The hacker could switch of the satellite’s capabilities, command its thrusters to fire to deplete propellant or decay its orbit, turn off heaters to damage its electronics, or deliberately interfere with other broadcasters. Any of these scenarios would be fatal to the satellite and devastating for the operator, insurers and users. Cyberwarfare is an increasingly common feature of international conflicts and although military space systems and ground-based assets are the obvious primary target, commercial space assets are potential targets as well. That risk will only grow as more countries build capabilities and the number of satellites with greater connectivity increases. If we look at what is happening in the world of cyberattacks on non-space assets, there is clearly a lack of alignment in coverage intent across the industry. Recent non-space (property) insurance claims resulting from the 2017 NotPetya cyberattack that targeted dozens of companies in Ukraine, Europe and the United States are being denied by insurers, who have cited the ‘war exclusion’ that protects insurers from paying claims related to war damage. Insurers have declined to pay these claims when the United States government assigned responsibility to Russia for NotPetya, which the White House described as the “most destructive and costly cyber-attack in history.” Since there is no agreed legal definition of cyberwarfare, many of these disputes will ultimately be resolved in court.
The same war exclusion exists in all space insurance policies. Legal disputes regarding the validity of insurance claims will continue, and the combination of non-affirmative cyber coverage and the war exclusion leaves satellite operators with potentially inconsistent coverage in certain claims scenarios. The Lloyd’s Market Association (LMA), which represents the interests of the Lloyd’s insurance community, recognized that there is an urgent need for insurers — and the space community at large — to address the potential of a cyber-attack on satellites, launch vehicles or ground-based control systems. The LMA recently proposed model policy clauses in response to the publication of expectations relating to cyber insurance from the U.K. government. These clauses are a guideline for insurers, brokers and satellite operators and can be modified as needed.
LMA defines a “cyber-attack” as any unauthorized use or access of a computer system, or the release of a virus or denial of service such as jamming. This definition is different from a “cyber incident,” which is the catch-all term for all computer-related issues. The purpose of the clauses in the new model is to clarify cyber coverage for satellite operators and address the issue of “silent” or non-affirmative coverage for cyber-caused risks. Silent cyber coverage exists in almost all space insurance policies where cyber losses are not explicitly included or excluded, or where exclusionary language, when included, is ambiguous. Despite the possibility that cyber coverage may exist, albeit non-affirmative, many space insurers rarely, if ever, contemplate losses resulting from a cyber event. Consequently, many have not made allocations for this cost in insurance premiums.
The need for clarification is real and the ultimate benefactor will be the satellite operators themselves. The proposed LMA policy clauses not only define policy exposures in respect of cyber, but also proposes additional language in order to allow insurers to explicitly cover the cyber-attack risk and bring contract certainly to the insured party. Supporting the LMA initiative and seeking to clarify insurance coverage for the space industry will have multiple benefits: it will provide clearer and improved coverages, avoid protracted legal disputes that are costly for all parties and generally raise awareness of a growing concern for our industry.
Richard Parker has more than 30 years of experience in the space industry and is currently divisional president of Assure Space, Bethesda, Maryland, a company he co-founded in 2011. Wholly owned by Amtrust Financial Services, Inc., Assure Space is an underwriting agency that provides insurance for all aspects of the space industry.
This op-ed originally appeared in the Sept. 2, 2019 issue of SpaceNews magazine.