Satellite communications, navigation and Earth observation systems are crucial for everyday life. Dr. Frank Schubert, Aerospace Security Expert, explains how Airbus protects them against attacks.
Frank, why are satellites targets of cyber-attacks?
They are crucial for everyday life in our society – think navigation, TV broadcasts, weather forecasts, climate monitoring or military communications. The Internet-of-Things also stays connected through satellite communication. All this information and data is immensely valuable to different groups: our competitors, hacktivists, nation states or military forces.
How vulnerable are satellites to cyber-attacks?
In the past, only nation states were capable of attacking space-based assets. But today the technical barrier is much lower. It is possible to purchase steerable antennas, amplifiers, transmitters and software tools for recording satellite signals and even generating and transmitting signals that can interfere with critical satellite operations at relatively low cost. So state-of-the art monitoring and protection measures are a must for space-based systems, just like any other IT system that supports critical infrastructure.
How does Airbus protect all this?
We view satellites and their associated ground and user infrastructure as a whole: you can only secure them together as they constantly interact. To this end, we work closely with all our customers to find the best solution for each of them. We start from a project’s planning and definition phase, and continue during the design and operational phases. Our overarching target is to protect the confidentiality, integrity, and availability – CIA in short – of a satellite service and the communicated data. Each element of CIA requires a dedicated solution, for example encryption to protect the confidentiality or authentication messages to be able to detect if transmitted data has been tampered with. We constantly monitor the whole system 24/7 in our Security Operations Centres.
What happens after an attack is detected?
We use our experience in cyber defence and forensics to analyse, isolate, mitigate and help our customers recover from security incidents. We also offer satellite operators comprehensive training so they can react faster to attacks and are aware of how far a system or physical premises can be penetrated by using a combination of cyber techniques and social engineering skills like persuasion, phone calls, ‘lost’ USB sticks containing malware and the like.
Does Airbus offer the same security on its commercial satellites as its military satellites?
As mentioned above, it’s CIA that is all important, yet the level of protection required can differ. A commercial provider will be interested in protecting their ground, user and space segments to ensure customer sensitive data is secure and managed in line with data protection regulations. In contrast, military space users might be interested in protecting their space assets from electromagnetic pulses originating from high-altitude nuclear explosions, an attack which is beyond the scope of commercial missions. Either way, commercial, military, and dual-use missions rely on our cryptographic expertise – our solutions follow state-of-the-art industry and governmental standards. We continuously evolve our protection solutions so they are virtually unable to crack. In the case of joint commercial-governmental missions, we also apply military-grade hardening to commercial satellites and their ground systems.
Dr. Frank Schubert, Expert on Aerospace Security at Airbus CyberSecurity “We look after defence-related projects, as well as security for aeronautical and space-based systems. We work on information and IT security concepts to assure ground and space systems accreditation for our customers. On the aeronautical side, we are involved in the system design and integration of the Future Combat Air Systems (FCAS), whilst in space we secure Airbus satellite systems for example the European Data Relay System (EDRS). In all areas we prepare risk and threat analyses, we develop role, crypto and secure operation concepts and advise our systems engineering teams on security matters.”
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-advertisement
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent
1 year
Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Cookie
Duration
Description
bcookie
2 years
LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie
2 years
LinkedIn sets this cookie to store performed actions on the website.
lang
session
LinkedIn sets this cookie to remember a user's language setting.
lidc
1 day
LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory
1 month
LinkedIn sets this cookie for LinkedIn Ads ID syncing.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Cookie
Duration
Description
personalization_id
2 years
Twitter sets this cookie to integrate and share features for social media and also store information about how the user uses the website, for tracking and targeting.