2020 Predictions: IoT Satellites Spark Cybersecurity Worries

IoT satellites are proliferating in the near-Earth orbit and beyond. Threat actors could take advantage of the growing attack surface.

Brian Buntz

December 10, 2019

3 Min Read
CubeSat, or nano satellite 3D renderingGetty Images

The global positioning system has changed society since the launch of the first satellite, Sputnik 1, in 1957. From informing ship navigation to keeping “smart” weapons on track, the technology has myriad applications. A relatively small number of GPS satellites, flying in a medium earth orbit some 12,550 miles away, play an especially important role in society. 

In recent years, there has been a proliferation of satellites nearer to the earth. One example is the so-called CubeSat, which flies in low-earth orbit, which ranges from roughly 110 to 1,200 miles up. 

“I think cheap satellites are going to create some real security problems,” said Andrew Howard, chief executive officer of Kudelski Security. 

[IoT World is North America’s largest IoT event where strategists, technologists and implementers connect, putting IoT, AI, 5G and edge into action across industry verticals. Book your ticket now.]

The availability of inexpensive satellites could open up a number of security risks in a manner similar to drones. At one point, drones or unmanned aerial vehicles were used primarily for military applications. But as smaller and less expensive drones became available to the public, so have the number of problems of civilian drones popping up near airports, national parks and stadiums, and interfering with firefighting efforts.

The proliferation of inexpensive satellites could open up a similar can of worms. “I see there being huge security problems created from spying to privacy [concerns] to their being taken over,” said Andrew Howard, chief executive officer at Kudelski Security.

Several vendors have popped up positioning IoT satellites as a means of providing connectivity to remote geographies not served by cellular or other types of connectivity. 

Cybersecurity problems related to traditional GPS satellites are also a worry, said Bill Malik, vice president of infrastructure technologies at Trend Micro. Earlier this year, Malik gave a presentation at RSA, stating that such satellites suffer from similar vulnerabilities as networked industrial control systems and other IoT devices. In 2018, his colleague, Craig Gibson, who is Trend Micro’s principal threat defense architect, penned a blog post titled “Attack Vectors in Orbit: The Need for IoT and Satellite Security in the Age of 5G.” 

In July, the research paper “Cybersecurity of NATO’s Space-based Strategic Assets” also warned of the importance of carefully investigating the cybersecurity vulnerabilities of satellites for NATO’s operations. 

In general, there is a growing awareness of the role that satellites play in society. “People are becoming aware of [GPS satellites]. They’re a crucial element in the supply chain in the physical world,” Malik said. 

Routine supply chain operations such as trucks moving containers into ports depend on GPS satellites, as do ships. 

Malik is less concerned that satellite security worries will have a significant impact on 5G. While companies such as Amazon have plans to put 5G-capable satellites into space, the role satellites will play in enabling the type of blazing-fast, ultra-low-latency networks 5G is famous for is unclear. “I don’t see it, simply because of the distance problem,” Malik said. “Satellites have to orbit a couple of hundred miles up to avoid burning up, and if you’re in a near-Earth orbit, that means you’re either moving very fast or else you’re in an eccentric orbit you’re only close for a few minutes at a time.” 

Even with a satellite positioned 200 miles above the earth, distance is a problem. In a single millisecond, light travels miles. “One of the criteria for 5G is that your latency — your total response time — is under one millisecond,” Malik said. “So you don’t have enough time to get to the satellite and back, even if there’s no processing at all to stay under that threshold.” 

About the Author(s)

Brian Buntz

Brian is a veteran journalist with more than ten years’ experience covering an array of technologies including the Internet of Things, 3-D printing, and cybersecurity. Before coming to Penton and later Informa, he served as the editor-in-chief of UBM’s Qmed where he overhauled the brand’s news coverage and helped to grow the site’s traffic volume dramatically. He had previously held managing editor roles on the company’s medical device technology publications including European Medical Device Technology (EMDT) and Medical Device & Diagnostics Industry (MD+DI), and had served as editor-in-chief of Medical Product Manufacturing News (MPMN).

At UBM, Brian also worked closely with the company’s events group on speaker selection and direction and played an important role in cementing famed futurist Ray Kurzweil as a keynote speaker at the 2016 Medical Design & Manufacturing West event in Anaheim. An article of his was also prominently on kurzweilai.net, a website dedicated to Kurzweil’s ideas.

Multilingual, Brian has an M.A. degree in German from the University of Oklahoma.

Sign Up for the Newsletter
The most up-to-date news and insights into the latest emerging technologies ... delivered right to your inbox!

You May Also Like