“The most cost-effective and simplistic cyberattack in space, one with the intent to bring down a targeted satellite, is likely to use an older satellite now viewed as space junk that still has fuel and can respond to communications. Hackers could then use that satellite to ram or force targeted space assets out of orbit. The benefits for the attacker are numerous. Consider that the life span of a satellite is as long as 30 years, and even afterward it can still orbit with enough propellant for functional communications. Space contains thousands of satellites, both active and inactive, launched by numerous organizations and countries, hosting more than 5,000 space-borne transponders communicating with Earth. Every transmission is a potential inlet for a cyberattack. Older satellites share technological similarities, providing opportunities to exploit systems for control and processing. Satellites may be based on hardware and technology from as long ago as the 1980s and are unlikely to have been upgraded after launch.
Even with the most-advanced digital forensics tools, tracing a cyberattack is complicated on terrestrial computer systems, which are physically accessible. Space-borne systems do not allow physical access, thus, lack of access to the computer system nullifies several options for forensic evidence gathering. The only trace from the perpetrator is the actual transmissions and wireless attempts to penetrate the system. If these transmissions are not captured, the trace is lost. A cyberattack resulting in a space collision would lack attribution and thus would be attractive to adversaries. A collision between a suddenly moving foreign satellite and a critical U.S. satellite would be neither a coincidence nor an accident. Or, even if a collision is narrowly avoided, a hacked satellite set on a crash course would force the targeted satellite to move – wasting fuel – and providing degraded service levels.”
