NRO Shifts Satellite Strategy to Counter Growing Cyber Threats
The National Reconnaissance Office (NRO) is shifting its satellite strategy to counter growing cybersecurity threats. This comes after a summer breach targeting intellectual property and personal information, highlighting the broad interest of cyber adversaries.
The NRO is moving towards proliferated constellations of smaller satellites. This approach aims to create redundancy and resilience against both kinetic energy and cybersecurity threats. However, many satellites still operate with a 'fire and forget' mindset, lacking mechanisms for updates or patches and making them vulnerable by design.
The vast attack surface of satellites, their signals, and ground systems presents a significant risk. Digital intrusions could cascade through entire networks, as seen in Russia's electronic jamming and cyberattacks against satellite internet. Christopher Scolese, director of the NRO, considers cybersecurity the top concern for U.S. spy satellites.
Modern systems now allow encrypted over-the-air updates, and AI tools are being developed to detect cyber intrusions. However, on-orbit servicing for cybersecurity upgrades remains limited. Security must be embedded from the start and exercised through war-gaming and red-teaming exercises to simulate cyber intrusions and operational sabotage.
The rapid commercialization of space has expanded both capability and the attack surface, requiring standardized protocols and active intelligence sharing for cybersecurity. Russia and China have developed more offensive cybersecurity capabilities targeting US reconnaissance satellites, including satellite jamming, blinding, manipulation, and kinetic destruction. Deploying kinetic or directed-energy weapons in orbit is challenging, making offensive cybersecurity capabilities more accessible and threatening.
