Canadian Journal of Law and Technology


data breach, cyber attacks, NASA Jet Propulsion Labratory, space assets


In 2018, NASA’s Jet Propulsion Laboratory was the subject of a data breach where over 500 megabytes of data from a major mission system was stolen by hackers. This attack affected NASA’s Deep Space Network, prompting the United States Johnson Space Center to disconnect the International Space Station from the affected gateway due to fears that mission systems could become compromised. NASA has acknowledged that its vast online presence, which includes thousands of publicly accessible datasets, offers a large potential target for cybercriminals. The 2018 incident was one of many, with NASA experiencing more than 6000 cyberattacks from 2017-2021 alone.

But NASA is not the only target — cyberattacks on space assets continuously occur around the globe. Outer space is experiencing unprecedented transformation, with more satellites being built and deployed than ever before. Increasing reliance on satellite communication, satellite data, Earth observation services, and ‘‘cloud” ecosystems creates a new domain for cyberattacks that can affect any space mission. This means that there is a growing need to minimize exposure to cyberthreats to protect the global population and economy.

Why is protecting space assets from cyberattacks so important? Because vulnerabilities associated with space assets like satellites pose serious risks to critical infrastructure on Earth. Many existing satellites have been in service for over a decade, were not launched with modern technology, and were not designed with cybersecurity in mind. Cyberattacks on space assets could therefore result in the targeting of governments, private corporations, or individuals; cybercrimes or espionage activities; the spread of misinformation or disinformation; and disruption to critical infrastructure systems like power grids, communication networks, transportation systems, water systems, or financial services.

Considering the growth of the industry and the technology in use, cyberattacks on space assets should be expected. Traditional methods and past practices lacking organized approaches to cybersecurity will not be sufficient to prevent cyberattacks from occurring. In this article, it is argued that States must move towards ‘‘comprehensive and evolving” cybersecurity strategies that can provide full life cycle protection to space assets. To accomplish this, I propose that an international, industry-specific cybersecurity standard be developed and imposed on all space actors.