14 September 2021

The growing threat of cybercrime in the space domain

Andre Kwok

In July 2021, Richard Branson made global headlines with his journey to outer space on Virgin Galactic’s spaceship. This historical feat proved the feasibility of space tourism and the many interests of corporations in outer space. As a major non-state actor, corporations have joined the increasingly crowded space domain, prompting new discussions on regulating commercial, military and technological activities in outer space.

The conversation on non-state actors often focuses on corporations, overlooking illegitimate non-state actors like terrorists and transnational organised crime groups. In the post-9/11 world, illegitimate non-state actors have caused much strain on international law. Reflecting the growing space sector, terrorist acquisition of space-applicable cyberattack tools will further test international law.

In 2007, Sri Lanka’s Tamil Tigers rebel group hijacked an Intelsat satellite to broadcast ethno-nationalist propaganda to Europe and Asia. Representing Sri Lanka’s Tamil minority population, the Tamil Tigers fought a devastating civil war with the Sri Lankan military that led to extensive war crimes and crimes against humanity.

The Tamil Tigers exploited a vacant ku-band transponder to broadcast political messages for over a year. Experts suggest such incidents could potentially become more frequent in the region as signal piracy and jamming capabilities become more advanced. This corresponds with increasing access to satellite television and greater technical expertise. Intelsat Executive Vice-President Phillip Spector responded that ‘Intelsat does not tolerate terrorists or others operating illegally on its satellites’.

The Tamil Tiger’s success in compromising the world’s largest commercial satellite operator at the time signalled a step up from conventional sea piracy to space-based cyberattack. Although the Sri Lankan Civil War ended in 2009, this case points to an emerging new grouping of non-state actors possessing political interests in controlling long-range telecommunications and developing sophisticated hacking competencies.

Given the enormous reliance on space-based technologies, satellite jamming can have catastrophic effects. Motivated by extremist ideology, a successful terrorist cyberattack today could lead to unprecedented havoc involving denial-of-service attacks on critical space infrastructure, hijacking sensitive location data, capturing military base locations and troop positioning imagery. The vast scale of global disorder triggered by terrorist acquisition of satellites can range from disabling essential telecommunications to triggering a disastrous financial crisis.

Although the Tamil’s Tiger’s satellite hijacking occurred over a decade ago, modern satellites are still highly vulnerable to jamming and cyber security attacks. Many world-class satellites and military technologies are susceptible to low-cost and commercially available jamming tools. Once the initial jamming and spoofing is developed, it is inexpensive to mass-produce and becomes easily available to non-state actors, including terrorists.

Corporations and states continue to pursue ambitious space projects. Similarly, the United Nations announced that terrorists have become increasingly innovative in integrating long-range telecommunications, artificial intelligence and social media to strengthen their activities. There is a dire need for space policymakers to revisit encryption protocols and cybersecurity technologies in critical space infrastructure.

In recent years, with the growing affordability of space technologies alongside the growing participation of corporations and non-government organisations, the notion of the ‘democratisation of space’ has come into the public eye. This paradigm shift will realise greater space accessibility for humanity, undoing the previous reality of exclusive access by global superpowers and wealthy corporations. This is reinforced by the UN Space Benefits Declaration, which stresses cooperation and equity in outer space.

Paradoxically, this envisioned open-access domain forms a launchpad for terrorists. Consequently, this illustrates new regulatory challenges amid space democratisation and an increasing awareness that non-state actors in the space domain are not always ‘good’. Governments should consider dedicated transparency and confidence building measures. This could consist of increased information sharing systems mapping the emerging cyber-capabilities of terrorist groups between countries alongside agreed minimal cybersecurity standards. Besides the clear priority to bolster cybersecurity in outer space, thwarting cyberterrorism must be a cooperative effort.

The growing involvement of non-state actors in space raises questions about how the current international legal order — involving the core five space treaties, including the Moon Agreement with limited signatories — applies to violent non-state actors. It also raises key questions about how the non-concessions principle of ‘we do not negotiate with terrorists’ applies to outer space terrorism.

Although the greater inclusion afforded by space democratisation is essential, a greater balancing act is needed to moderate newer participants in the space domain. The international community should not let corporate technological progress overshadow the potential dangers posed by illegitimate non-state actors in the space domain. Considering the stakes, if this not adequately addressed, space terrorism risks disastrous consequences.

No comments: