ENISA Probes Space Threat Landscape in New Report

The EU’s leading cybersecurity agency has published a detailed new report outlining the threat landscape and recommended steps to mitigate the most acute risks in the space sector.

ENISA argued in its Space Threat Landscape report that there’s an urgent need to address such risks, given the growth of the sector in recent years and its importance to various industries.

Citing third-party figures, it claimed there are over 10,000 active satellites in various Earth orbits today, with over 60% of the most active satellites owned by private operators.  

These now provide services for phones and internet access, satellite TV and radio broadcasts, land and water resource monitoring, precision farming, remote sensing, management of remote infrastructure, and logistics package tracking, among other things, it said.

Read more on satellite-based threats: China Developing Anti-Satellite Weapons – Report

“By becoming the backbone of some of the key modern economic activities, the new ‘space race’ has also increased the potential for harmful effects of any loss of capability, no matter the cause, opening the door for new vulnerabilities in parallel,” the report noted.

“The use of off the shelf and open source hardware and software components, trends such as software-defined satellites, in-orbit reconfigurations, onboard intelligence, and quantum technologies are all making space assets and data increasingly susceptible to cyber-attacks.”

ENISA warned of potentially “cascading effects” stemming from attacks on satellites, including financial losses for businesses relying on satellites and potential disruption to essential services, causing societal harm and loss of life. Compromise of sensitive information transmitted via satellites could also create legal and regulatory risks for firms, ENISA added.

Meanwhile, potential misalignment of satellites as a result of cyber-attacks could lead to collisions and space debris, which may render regions of space unusable.

Specifically, ENISA highlighted the following risks:

• Supply chain risks
• Use of third-party commercial off-the-shelf (COTS) components
• Legacy systems and limited visibility, due to the remote nature and location of space systems
• Weak configuration (especially a lack of encryption)
• Human error
• The threat of sophisticated cyber-attacks

To date, there have been relatively few cybersecurity guidelines published for commercial satellite operators, aside from NASA’s Best Practice Guide published in January 2024 and another July 2024 report from the European Cooperation for Space Standardization (ECSS), ENISA claimed.

Best Practices for Risk Management in Space

To address some of the key threats facing satellite operators, ENISA advised:

• Implementing security-by-default and by-design principles
• Analysis, testing and hardening of COTS before and after being introduced into operations
• Strengthened physical security of all ground-based and space assets
• Deployment of validated cryptography into space systems
• Introduction of robust segmentation measures
• Regular patching and hardening of space systems
• Adopting a zero-trust approach
• Adopting cyber-hygiene practices

“The commercial exploitation of space has become the backbone of key economic activities. Digital threats in space are therefore highly critical,” said ENISA executive director, Juhan Lepassaar.

“Besides, their cascading effect have also the potential to induce geopolitical tension. This is why commercial satellites must be cyber secured at all cost.”

The space sector is covered as an essential entity by the NIS2 directive. However, it was highlighted in a recent report as one of six sectors currently struggling to comply with the directive, due to limited cybersecurity knowledge and a heavy reliance on COTS.

In 2022, Russia launched a major cyber-attack on US firm Viasat’s KA-SAT satellites in Ukraine, in a bid to disrupt communications in the country before its invasion.