It is understandable that military analysts focus on Russia and the threat it poses to Ukraine. But when it comes to cyber, and in particular cyberdefense and offense in space, we cannot forget that China is the leading threat. Lessons from the war against Ukraine may have only limited application to this more critical, longer-term struggle.
In the lead-up to the war in Ukraine, many analysts made the mistake of assuming Russian cyber aspirations and capabilities would resemble our own. In the past, American and allied cyberattacks have disabled military infrastructure, as in the case of the Stuxnet virus attack on an Iranian uranium-enrichment facility in 2010. Another attack on Iran reportedly disabled air-defense systems when the United States came close to bombing that country in 2019 in response to the shooting down of an American drone.
These are the types of impressive capabilities that many assumed Moscow and its legion of keyboard warriors might also possess.
China Is Just a Cyberstep Behind
The reality of the Ukraine war tells a different story. Russia hacked an American satellite company just one hour before its invasion of Ukraine in February, which impacted some Ukrainian military communications. However, that attack, and others that have received less media attention, used “wiper” malware that simply deleted information on adversarial ground terminals, which was quickly corrected. Follow-on attacks against SpaceX’s Starlink service have so far resulted in no significant degradation of service. The impact has been noticeable but manageable, and it represents fairly low-grade sabotage.
Unfortunately, we cannot assume that the cyber components of a conflict with China will resemble what we are seeing in Ukraine. Consider first of all that China has a $14.3 trillion economy, compared to Russia’s GDP of just $1.7 trillion at official exchange rates. While both countries have significant workforce technical skills, China has spent decades trying to copy and surmount the skills found in the United States and other highly advanced countries. It is a step behind the United States, Japan, Taiwan, and our other peers in semiconductors, supercomputers, and avionics — but only just a step.
Both Beijing and Moscow can draw on almost all technical resources within their borders, even if those resources are not formally housed within military or other governmental organizations. However, Beijing has the advantage of an integrated technology industry. For example, Chinese companies like Huawei and their vendors supply hardware and software for just about every stage of the mobile communications ecosystem – from the hardware in mobile towers, to the handsets used by consumers, to the semiconductors that drive both. Russian offensive cyber outfits, such as the military intelligence GRU’s “Fancy Bear,” demonstrate what resourcing, persistence, and understanding of the vulnerabilities of systems can do. What they do not show is any leap-ahead capabilities in development or deployment.
Preparing for Cyberwar, Chinese-Style
Most military planners agree that China will try to blind U.S. forces by disabling satellites early in a conflict. If Beijing succeeds, the United States will have trouble understanding, communicating within, and even navigating the battlefield. Even if the United States and its allies turn China’s satellites into orbital debris, Beijing can rely on terrestrial, naval, and airborne sensors and communications, since most of the kinetic fighting will be in its own region. Far from needing to employ lasers or hit-to-kill kinetic weapons against satellites, Beijing can do its greatest damage through cyberattacks.
Last May, the Air Force and Space Force held a “Hack-A-Sat” competition that showed how almost anyone with a decent antenna can communicate with an orbiting satellite. Far from the distant safe space it once was, the low-Earth orbit where most satellites reside is best thought of today as a giant data center where any adversary can install a new server right next to yours. In fact, there are many reports that China has done precisely this, with the objective of compromising or disabling our satellites when the time is right.
To defend against the cyber threat from Beijing, it is imperative that we use a fresh approach to space cybersecurity. Instead of treating space like the terrestrial internet, we need a new security system that reflects the distributed nature of all the individual systems in the satellite ecosystem—the “big data center in the sky.” This would require a national effort pairing government with business to ensure each piece of software in the space ecosystem is designed with its own security systems and permissions. This approach would go beyond the currently popular concept of “zero trust” software that is designed with security foremost in mind but still seeks to secure networks that have fundamentally insecure application software. That is an after-the-fact fix rather than a fundamental change to software design.
Instead, we should work to make sure all software on satellites and other critical systems for national security is built from the beginning with security as the fundamental feature: true zero-trust architecture. By doing so, we can forestall China’s ability to mount a cyber Pearl Harbor at the outset of a conflict by using its massive national resources against the technology on which we depend.
Matt Erickson is the VP Solutions of SpiderOak, a space cybersecurity company.