CISA working group assessing cyber risks to space infrastructure
The Cybersecurity and Infrastructure Security Agency established a cross-sector space working group that is performing an assessment of risks to both federal and commercial space infrastructure, said Assistant Director Bob Kolasky.
CISA’s primary concern is mitigating cyber risks to position, navigation and timing (PNT) services and GPS, Kolasky said, during an AFCEA Bethesda event on Tuesday.
The agency already examined all 55 national critical functions — ones government and the private sector perform that, if corrupted, would be detrimental to national security — as they relate to space.
“We have to think about space as a potential risk vector to national critical functions and space infrastructure as critical infrastructure,” Kolasky said.
CISA’s working group will leverage critical infrastructure sector partnerships, similar to how it’s done with pipeline operators in the aftermath of the Colonial Pipeline ransomware attack in May, he added.
The agency is also exploring ways to extend the benefits of investments in national security systems to commercial space missions working with the Department of Defense.
CISA continues to partner with DOD and the Department of Transportation to ensure redundant and terrestrial backup systems to space systems are resilient. Meanwhile the Department of Commerce’s Office of Space Commerce is teaming with DOD, DOT and NASA; industry; and academia to populate its Open-Architecture Data Repository of orbiting satellite and space junk locations.
The challenge to any efforts to harden space systems from earth after launch is they employ channels that foreign adversaries like Russia and China can also exploit.
“Space systems have a unique characteristic of things up there, right?” Kolasky said. “You don’t get many opportunities to replace them.”