New Space: challenges linked to cybersecurity and sovereignty

The inexorable forward march of digitisation in the space sector raises the question of data security, and the risk of future cyberattacks on its major players. More than a year ago, in February 2022, an attack on a satellite in the KA-SAT network resulted in partial interruption of the high-speed ViaSat service for many customers.

« The difficulty of ensuring cybersecurity in space can be linked to the immensity of the satellite constellations and their positioning at different altitudes in the sky. It would be more advantageous for someone to attack a satellite via the ‘cyber’ route than to destroy it, simply because this kind of attack is anonymous and doesn’t create debris; there’s already more than enough space junk, » says Nicolas Malbec, Senior Strategy Advisor at Opus Aerospace, a specialist launcher company.

In addition, attacking a geolocation services satellite hampers, and may even halt completely, the activity of thousands of companies. « Today, in addition to ships at sea, there are whole sections of the oil and gas industry, and of the agricultural, transport, energy and construction sectors, that are critically reliant on geolocation, » Nicolas Malbec concludes.

An ecosystem radically altered within a few years

Evolutions in the configuration of the space ecosystem explain the new opportunities presenting themselves to cybercriminals. « The components that existed before were very monolithic, somewhat closed and highly compartmentalised, and they were operated by specialist teams for a given usage. In the space of a few years, we have shifted to an approach that leans very much towards ‘security through obscurity’ with the emergence of off-the-shelf components, » observes Julien Airaud, Cybersecurity Programme Manager at the French Space Agency CNES.

The sector as a whole has become far more dispersed, whereas it used to be highly integrated. « On the subject of cybersecurity, companies are popping up that specialise in security components, space monitoring, networks of stations, etc. The supply chain for an orbital system has undergone radical change. The challenge today lies in recreating the trust we need to have on Earth with regard to space projects, taking into account this new chain, » adds Julien Airaud.

« New Space is a game-changer, because new actors are appearing on the scene. Their vision of space programmes is completely different. They are responding to requirements to cut costs, respond far more quickly, and reuse known software and technological resources. The drawback of reusing existing resources in this way is that you bring in significantly more vulnerabilities, » according to the analysis of Étienne Gérain, expert in information security and space cybersecurity, and founder of Priamos.

IRIS²: the challenge of European sovereignty

In May 2023, a group of European actors in the space and telecoms domains formed a partnership, in response to the European Commission’s call for tenders on Europe’s future satellite constellation IRIS² (Infrastructure for Resilience, Interconnectivity and Security by Satellite). IRIS² is designed to provide a new, secure and resilient communication infrastructure for Europe’s governments, businesses and citizens.

The consortium is open to additional stakeholders, and will be directed by Airbus Defence and Space, Eutelsat, Hispasat, SES and Thales Alenia Space. It will also be underpinned by a « Core Team » comprising the following companies: Deutsche Telekom, OHB, Orange, Hisdesat, Telespazio and Thales. Together, these companies wish to develop a cutting-edge satellite constellation, founded on a multi-orbit architecture that is interoperable with the terrestrial ecosystem.

« The objectives around IRIS² are incredibly ambitious, so as to make the constellation operational as quickly as possible, by 2027 specifically. This is an extremely tight deadline for its implementation. The investment involved is substantial; the total estimated cost is 6 billion euros. The challenge lies more in the organisational and collaborative aspects than in technical issues« , says Patrick Trinkler, founder & CEO of Cysec.

Yvan-Michel Ehkirch, Managing Partner at Karista, shares this opinion: « The biggest challenge of the IRIS² project is actually about moving quickly. And there’s a risk that we won’t progress fast enough. Operational solutions exist on the market today. It’s a really good thing to be creating a sovereign infrastructure at European level. However, to move quickly we have to identify the leader companies and provide them with resources on a massive scale so that they can expand super-fast. This hasn’t often been achieved before in Europe. »

However, Julien Airaud (CNES) puts this into perspective as follows: « We are accustomed to running Europe-level projects. Galileo progressed via this route, and we can benefit from lessons learned there. The collaboration is already in place. It’s certain that IRIS² goes a step further and there’s a need to move faster, but on the whole we know what we’re doing, and the industrial collaborations will take shape. We’re still just at the beginning. »