The federal government currently deems 16 sectors as critical infrastructure sectors because of their importance.
Space experts Wednesday urged the federal government to classify certain space satellites, sensors and their command and control systems as critical infrastructure systems.
The move is necessary given the increased public importance of data beaming back and forth between GPS, weather and other satellites that—if attacked by an adversary—would have a debilitating effect on national and economic security, according to several officials speaking at The Aspen Institute Cyber Summit.
“Space is now a warfighting domain,” said Jack Blackhurst, executive director of the Air Force Research Lab. “We rely on space assets in times of war and there is a need to assure adequate cybersecurity and resiliency.”
Blackhurst added that the potential of commercial space assets being classified as critical infrastructure “is something we’re looking at for policy and norms of behavior.”
Erin Miller, vice president of the Space Information Sharing and Analysis Center, said cybersecurity vulnerabilities to the commercial space sector will increase significantly as technological capabilities expand across—and above—the Earth. The global space economy, she said, is expected to exceed $1 trillion by 2040, with 80% of that revenue being generated commercially, “creating a lot of need for awareness and educational resources” regarding cybersecurity. Already, cloud computing is beginning to underpin ground stations that handle voluminous amounts of satellite data, and 5G technology represents a major opportunity to further intertwine terrestrial and space networks.
“Because we know there are vulnerabilities in every system, the broader expansion across the globe of space systems allows for a larger attack vector,” Miller said.
Currently, there are 16 critical infrastructure sectors “whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof,” according to the Cybersecurity and Infrastructure Security Agency. They include the defense industrial base, health care, financial, energy and communications sectors.
A report released Dec. 2 by the Aspen Institute suggests two ways the government could add space to the mix. The first would be through amending existing law to classify commercial space as its own critical infrastructure sector, while the second option would be for the government to designate space infrastructure as a “subsector of an existing sector.”
“More and more critical services depend on timing information transmitted by GPS satellites or Earth observation data, and important Internet communications transit orbiting infrastructure, with the global 5G networks being built now,” the report states. “Designating the commercial space sector as critical infrastructure will facilitate prioritization of limited government resources, grow personal relationships between industry operators and policymakers, and help overcome obstacles to interagency coordination.”
Ed Devinney, corporate director of cyber programs for Northrop Grumman, said a national awareness about space and its importance in daily life will be the key to securing these systems. “Whether or not it is chosen as critical infrastructure,” Devinney said it’s important to build understanding and national coalescence that these systems must be secured.