Skip to main content
representation of topic
Technology11 November 2024

Looking to the skies: The importance of satellite cybersecurity

Brief by

Executive summary

Between 7,5001 and 9,200 active satellites2 orbit the Earth every day. Yet, losing a single satellite can have more of an impact than ever before. Satellites are now integral components in our economies, governments and telecommunications networks; losing even a single satellite can have disastrous consequences. Case in point, in early 2022 a cyber-attack on one satellite, KA-SAT, cut internet access for more than 40,000 internet modems across Europe, taking offline thousands of wind turbines in Germany, impacting emergency services in France and leaving remote communities without any means of contact to the outside world.3

The cybersecurity of satellites is a well-documented but long-overlooked issue. This brief examines the Russian attack on KA-SAT and considers what Australia and the region can learn from this event, particularly as satellites become an increasingly vital component of regional communications networks. It also considers the role of satellites in broader digital connectivity as well as their complex supply chains and dual-use nature.

While there is no silver bullet to addressing cybersecurity flaws — including with satellites — there is a set of practices that countries should have in place to improve their resilience and responsiveness. This brief proposes the following steps for the Australian Government to undertake, including the Department of Home Affairs in coordination with the Department of Defence and other relevant departments:

  1. Encourage its allies and partners to follow its lead in adding satellite systems — as part of the space technology sector — to its set of critical infrastructure sectors, thereby mandating important cyber measures.4 While some of these measures are yet to be activated for satellites in Australia, overseas key allies like the United States and European Union have not yet designated satellites in their entirety as critical infrastructure (although some parts are captured by other legislation).
    a. Ensure the appropriate monitoring and assessment processes are in place to guarantee ongoing adoption of best practices. This can be included in contracts, requiring partners throughout the satellite supply chain to meet certain cyber standards and authorising monitoring mechanisms to ensure ongoing compliance.
  2. Ensure a ‘one is none’ approach to involving private-sector actors in defence satellite networks to build redundancy capability and spread risk in a manner that does not excessively increase exposure by offering additional attack surfaces for malicious actors.
  3. Expand threat intelligence-sharing networks between providers and agencies in national and international contexts, building on the Information Sharing and Analysis Centres (ISACs) used in other cybersecurity areas, to help thwart attacks and build best practices.
    a. The recent Memorandum of Understanding between the Australian Cyber Collaboration Centre with the Space ISAC5 is a welcome step. Space ISAC also counts US, Japanese, Israeli, Greek, French and UK government agencies amongst its partners as well as private-sector members. However, with the European Union also recently launching the EU Space Information Sharing and Analysis Centre,6 there is a need for coordination and collaboration between and amongst these different ISACs and their members to ensure rapid and expansive threat and information sharing. Cyber threats do not respect regional boundaries, and information-sharing mechanisms must be similarly flexible.
  4. Promote pathways for international intelligence sharing after cyber-attacks between governments and the private sector to improve preventative responses and allow for accelerated joint attributions against perpetrators. This can include improving the measuring and accounting of cyber harms and violence to evaluate the impact of different actors.
    a. Accelerate cyber attributions after events — including involving as many willing partners as possible to continue promoting responsibility and international norms, as well as adding pressure on malicious actors.
  5. Closely monitor the concentration and integration of satellite capabilities into large technology companies, particularly those used for defence purposes. Clearer contracts when using civilian technologies in defence contexts will be important to avoid some of the tension seen in Starlink’s use in Ukraine and to protect critical civilian satellite networks.

The attack on KA-SAT

In February 2022, just as Russian ground troops entered Ukrainian territory, a communications satellite that orbits the earth 36,000 kilometres above the equator7 suddenly stopped providing internet connections to more than 40,000 internet modems across Ukraine and Europe.8 This event was one of the largest satellite cyber-attacks in history and marked a significant moment in satellite cybersecurity, where a mode of communication was intentionally taken offline as part of a coordinated military strategy — Russia’s invasion of Ukraine.

How satellites work

Satellites, together making up ‘constellations’ or networks, underpin a number of fundamental, modern-day technologies. These include everything from the navigation and timing in smartphones and Google Maps to disaster responses, power grids and ATM transactions, as well as communications, such as in-flight entertainment and internet access for remote areas.9 The United States dominates satellite infrastructure (see Figure 1), with American owners or operators managing more than two-thirds of all recorded operational satellites.10 By comparison, Australian owners or operators make up a mere 0.2% of the global share of operational satellites.11

Figure 1. Country of satellite owner or operator (as of May 2023)

Source: Union of Concerned Scientists
Note: Figures are from an open-source database.

Advances in satellite technology have expanded the capabilities of and access to various satellite networks12 and led to their integration into broader technologies — including in defence and national security applications as backup communications channels13 — alongside individual and commercial uses. These innovations include the development of inter-satellite links where signals can be carried between satellites before being beamed back down to a ground station — allowing for a string of smaller satellites to send their signals further than was previously possible.14 Different satellites offer a range of benefits, challenges and functions, as set out in Table 1.

Table 1. Types of satellites

Sources: Inmarsat; International Telecommunications Union; EOS
Note: x. These functions can be covered by different satellite types, these are those most adept for each type.

At its launch in 2010, Eutelsat’s new KA-SAT communications satellite network — which sits in a geostationary high-Earth orbit (HEO) — promised to lower the cost of satellite-provided internet access for up to two million European customers.15 In the years following its launch the KA-SAT system amassed clients spanning government, commercial and individual users. However, on the morning of 24 February 2022, access to the KA-SAT satellite network, purchased from Eutelsat by American company Viasat in 2020, began to cut out. Approximately one hour after the outage started, Russia’s invasion of Ukraine began.16

The loss of internet connection impacted individual and corporate users in Ukraine and across Europe17 and marked one of the most prominent, large-scale attacks on a satellite network to date.18 In total, between 40,000 and 45,000 modems were taken offline,19 with users left with no way to reconnect — severing the only form of communications for some in remote regions.20 While Viasat “largely stabilized [the network] within hours,”21 the nature of the attack meant recovery times were significant. Due to the way modems were integrated into broader systems, for some customers the aftermath took months to be resolved. This included over-the-air updates, shipping replacement modems and manually replacing faulty modems, including restoring the capabilities of 5,800 wind turbines in central Germany whose modems were knocked offline.22 The attack also impacted critical first-responder services in France, including ambulance and firefighting services.23

KA-SAT coverage over Europe and the Mediterranean Basin (different colors show frequency reuse).
Source: Wikipedia

More than two years later, the degree to which the attack impacted Ukrainian military communications is still unclear. Shortly after the attack in early March 2022, Viktor Zhora, the deputy head of Ukraine’s State Service of Special Communications and Information Protection, was quoted saying: “It was a really huge loss in communications in the very beginning of war.”24 Media reported25 that the Ukrainian Government and military had contracts with Viasat for their satellite networks.26 However, Viasat emphasised that no government users were affected by the attack.27 Additionally, in an interview about six months later, Zhora contrasted his earlier statement, suggesting Viasat’s KA-SAT was only used as a ‘backup service’ for military communications. He noted that the attack “didn’t impact the process of coordination between forces and between state leaders and forces” on the day of the Russian invasion.28

In May 2022, following a month-long US-led diplomatic effort, the United States,29 alongside the EU,30 the United Kingdom,31 Australia32 and several other countries, publicly attributed the Viasat attack to the Russian Government. In particular, the UK’s National Cyber Security Centre stated that “the primary target [was] the Ukraine military” and Russia was “almost certainly responsible.”33 In both the UK and the EU statements, the timing of the attack was emphasised, noting it took place “one hour” before the Russian invasion, “facilitating the military aggression” or invasion of Ukraine in a manner that appeared to coordinate with the military’s actions.34 All four statements also emphasised that the attack had “spillover impacts into other European countries,” affecting those beyond the direct, intended targets.35

The nature of this attack and the response to it raise important considerations for policymakers and the communications industry, with satellites now a core part of the infrastructure that supports the modern digital economy, connects remote communities and provides vital interconnectivity.

Lessons for Australia

With satellites integrated into critical infrastructure across the globe, including in Australia, it is critical to seize all opportunities to improve their cybersecurity. As highlighted by the Volt Typhoon campaign where Chinese hackers have targeted US critical infrastructure,36 the vulnerabilities of these vital assets are a target for adversarial actors. As in all cases, including with satellites, cybersecurity is only as strong as its weakest link.

Growth in satellites and subscribers means increasing dependency and integration

As the uses for satellites have expanded from the bespoke provision of satellite television and GPS navigation to disaster response and competing with fibre-optic cables for internet streaming, the number of satellites and satellite users has boomed (see Figure 2). More than 7,500 operational satellites are estimated to be in operation, with thousands of launches planned for the future.37

Figure 2. Satellites by launch year and country (2009–2024)

Source: Jonathan McDowell
Note: * 2024 launches are only until October 2024.

The introduction of new players has led to a rise in constellations of low Earth orbit satellites (LEOs) under programs like SpaceX’s Starlink and Amazon’s soon-to-be-launched Project Kuiper.38 These constellations use a combination of mass launches and low latency — by virtue of their lower orbit and technical innovations — to make LEOs a competitive (if still costly) internet provider compared with high-end, fibre-optic connections. As seen below, since launching in 2019, Starlink’s fleet of LEO satellites (with a total of 7,010 launched)39 has achieved global coverage to service consumers in all seven continents — with more than four million customers globally in 2024.40 These trends mean that the internationally regulated orbital slots for satellites are becoming “increasingly crowded.”41

Starlink satellites in orbit over Australia and the Indo-Pacific, November, 2024.
Starlink satellites in orbit over Australia and the Indo-Pacific, November, 2024. Source: https://satellitemap.space/

Despite its low satellite ownership figures, Australia is a global leader in the use of satellites for broadband connections, making it potentially more exposed to satellite-related cybersecurity vulnerabilities. Australia sits third in total broadband satellite subscriptions (Figure 3a) and third in per-100-inhabitant terms (Figure 3b) among OECD member countries. At a conservative estimate, this means that one in every 296 Australians holds a satellite subscription, although further analysis suggests this is an underestimation.

Other estimates suggest that between the NBN-affiliated Sky Muster service (86,254 subscribers as of June 2024)42 and Starlink’s Australian customers (more than 250,000 in mid-2024),43 Australia has close to 300,000 users of broadband satellite services. Starlink has also signed partnerships in 2023 with local telecommunications companies, including Telstra44 and Optus,45 to provide an additional option for voice and broadband internet connection for those currently without optimal access in Australia.

Figure 3a. Total satellite broadband subscribers (2009–2023)


Figure 3b. Satellite subscriptions relative to population (2009–2023)

Source: OECD
Note: Rest of world captures all other OECD member countries noted in the data — other countries not included in this dataset may also have satellite subscribers.

Across the broader Indo-Pacific region, a similar story is playing out. Throughout Asia and the Pacific, only 21.6% of the population is within 10 kilometres of high-capacity fibre-optic cable infrastructure — the lowest of any region globally.46 Island nations without their own subsea cable or connections to nearby cables for internet, such as Norfolk Island, must rely on satellites for their communications. For others like the Philippines with its 7,100 islands and Indonesia with 16,000,47 satellites offer one of the most cost-effective approaches to addressing digital exclusion — with the former using them to connect key infrastructure like hospitals and schools.48 In Malaysia, Prime Minister Anwar Ibrahim waved “nitty gritty bureaucratic encumbrances”49 to support SpaceX’s Starlink, noting that: “I was just in one of the indigenous villages in the hills. To them, connectivity means Starlink.”50

For other countries, satellites offer redundancy in the event of a natural disaster. For example, after a volcanic eruption damaged subsea cables in 2022, Tonga lost connection to the world for more than a month — something satellite connectivity can help prevent.51 As the Asian Development Bank noted, the advent of increased LEO satellite constellations will suit regions like Southeast Asia, allowing for infrastructure that can service broad swathes of the region at a potentially lower cost than other cable-based solutions.52 Some estimates expect Southeast Asia to have close to 1.8 million subscribers for satellite communications by 2028.53

However, this level of uptake raises the stakes for future incidents. These satellite systems are often framed as designed for those that lack other internet connection options, such as fibre-optic connections or telecommunications towers, including in remote or inaccessible areas. As they become integrated into and integral to broader systems, the impact of any potential outage or attack is amplified and can render whole systems unusable. Australia has already experienced first-hand the impact of a satellite outage with Inmarsat I-4 F1 in mid-2023, which delayed crop seeding in farms and compromised maritime safety systems, requiring farmers to return to manual processes to sow seeds.54 With their growth in use and integration into broader systems, it is critical that satellite systems are also secure.

The cybersecurity of satellite infrastructure is concerningly weak

While various researchers have highlighted55 the ongoing cybersecurity vulnerabilities of communications satellite networks — from issues with network configuration56 and ground systems57 to onboard satellite firmware,58 a number of researchers59 and industry voices have noted that the KA-SAT attack was a “wake up”60 or “clarion call”61 for the industry, exposing the fact that satellite networks were now a target for malicious actors. The KA-SAT attack was specifically initiated by targeting vulnerabilities in the software of the ground station, which sends the signal up to the satellite itself.62 Following the attack, the US Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigations released advice for satellite communication providers about improving their cybersecurity.63 Notably, while LEO constellations with a larger number of smaller satellites have the benefit of redundancy simply by virtue of their numbers, research has still assessed them as having “largely insufficient protections against attackers.”64

A number of researchers and industry voices have noted that the KA-SAT attack was a “wake up” or “clarion call” for the industry, exposing the fact that satellite networks were now a target for malicious actors.

This issue of cybersecurity is an area of growing focus in Australia and internationally. Australia has experienced a spate of hacks and cyber-attacks65 in recent years, exposing the health, financial and personal data of millions of Australians.66 Simultaneously, with the spread of the internet, many systems have become homogenised, concentrating internet traffic and security with a few key players.67 This increases the impact that any single outage can have. This was highlighted by the recent global CrowdStrike outage, which affected 8.5 million computers worldwide,68 grounding planes, closing supermarkets and leading to New York City’s famous Times Square billboards going dark.69 It is estimated that the outage cost Australia around $1 billion alone.70 As the former CEO of the UK’s National Cyber Security Centre Ciaran Martin noted, such an innocuous (if impactful) outage offers a “glimpse” into the damage a proper, disruptive cyber-attack by a malicious actor — motivated by geopolitical, strategic or financial reasons — could cause.71

As satellites increasingly become part of the connectivity infrastructure of large enterprises across the globe — either as redundancy systems or to deliver particular services — they must be appropriately cyber-resilient. This is especially important as they are integrated into a nation’s critical infrastructure (such as hospitals or power grids), including as primary means of communication. The very process of integrating them into larger systems could help drive an uplift in their cybersecurity, through the adoption of best practices from other communications systems and being held accountable through more stringent regulations, like Australia’s Security of Critical Infrastructure Act 2018 (SOCI) that mandated consistent cybersecurity standards and obligations for providers across a range of sectors.72

Satellites face unique weaknesses

There is a particular need to tackle some of the unique weaknesses of satellite systems — including the fact that satellites are literally out of reach when it comes to making hardware changes or adaptations once they have been launched.73 Similarly, the sheer scale and complexity of each satellite, ground system and launch requires large supply chains and networks, again raising the likelihood of vulnerabilities being introduced.74 Indeed, in the case of the KA-SAT attack, the key vulnerability, a Virtual Private Network (VPN), was not managed by Viasat, but actually operated by Skylogic, a subsidiary of KA-SAT’s former owner, Eutelsat.75 It was precisely the complexity of the KA-SAT system that made it vulnerable.76 This is something that may only increase if satellite providers and users continue to diversify.

Satellite systems also tend to feature certain centralised management capabilities, meaning that one attack on a central piece of infrastructure can have far-reaching impacts across a whole system.77 In the case of the KA-SAT attack, it was not the satellite itself that was targeted but part of the ground system, before the satellite was used as a springboard to nullify tens of thousands of internet modems. The scale of the cybersecurity challenge is captured by one project from a team of academics at California Polytechnic State University to map space cyber-attack possibilities — their ICARUS matrix offers approximately four million unique scenario prompts of potential scenarios in which satellite infrastructure could be targeted.78

Increased sharing of satellite networks between civilian and defence clients makes them a target

While Viasat’s systems in Australia only serve government clients, the KA-SAT attack ignited greater public discussion of the complexities around dual-use satellites across the globe.79 As the KA-SAT situation highlights, government clients, which include the military, can share the same satellite infrastructure as civilian and commercial clients. This increases the possibility of infrastructure that provides communication for hospitals or helps manage power grids and assets (as was the case with KA-SAT)80 being targeted due to its simultaneous role in military networks. As one report highlighted, satellite network providers “inherit the threat models of their clients.”81

In late 2022, a Russian delegate to the United Nations reinforced this view, noting that commercial satellite systems used by militaries could be a “legitimate target for retaliation.”82 The primary example of this is the deployment of Starlink in Ukraine, which has provided both civilians and the Ukrainian military with communications support and internet access throughout the conflict. Alongside being the target of jamming efforts,83 the nuance over how the Starlink system is used — including whether it facilitates missile strikes by the Ukrainian military or simply offers communications channels and navigational support — was a hotly contested issue between its users and SpaceX’s executive.84

The risk of dual-use satellite systems being targeted will rise as the integration of commercial technology into military systems increases at pace. This is something the US Space Force has prioritised with its planned Commercial Augmentation Space Reserve85 and the use of open-source intelligence (OSINT), which harnesses commercial satellites for geospatial imagery.

Australia’s concentration in the satellite industry, paired with complex supply chains, heightens risk

As private-sector technologies are integrated into national security systems, a variety of considerations are necessary to avoid significantly increasing the exposure of the national security apparatus to risk. Former US Principal Deputy Director of National Intelligence Susan Gordon highlighted that, when working with private actors on national security capabilities, maintaining a principle of ‘one is none’ is key to mitigating risk.86

As private-sector technologies are integrated into national security systems, a variety of considerations are necessary to avoid significantly increasing the exposure of the national security apparatus to risk.

Notably, a small number of key players in the satellite industry supply communications satellite networks in Australia. Offerings for individual customers are limited to the NBN-affiliated Sky Muster and Starlink.87 In Australia’s commercial and government sector there is a little more variety, including O3b, and a small number of GEO satellite providers like Optus, as well as global players like Viasat.88 However, this concentration risk remains, potentially giving single actors, including those from the commercial sector, outsized influence over a key communications channel or component of government or military systems. This has been evident overseas, with the geopolitical interests89 of SpaceX’s management influencing the use of the Starlink satellite system in Ukraine — including reported “fencing” of access to Starlink,90 limiting its use to specific geographic areas that were reportedly not past the frontlines of Ukrainian positions.91 Over-reliance on any single commercial provider can give the private sector huge power, potentially compromising sovereign decision-making.

Some of the underlying ‘barriers to entry’ in the satellite market are shifting, as declining rocket costs lower the financial burden in relative terms for companies and countries to launch satellites.92 A diversity of satellite options from different providers could reduce the potential impact of any single system being taken offline. The same principle could be applied to the civilian context. In a conflict scenario, having multiple providers of satellite connection services for civilian use can improve coordination of emergency responses, and ensure greater coverage and bandwidth for communications. However, such diversification should not come at the expense of maintaining strong cyber standards across the array of satellite providers.

Accelerating cyber attribution response times is critical

Attributions for cyber-attacks by governments or companies often emerge months after the incident, given the need for technical investigations and the political risk of misattributions.93 This is despite efforts from recent US administrations to accelerate attributions and partner with other nations to hold those responsible to account.94

However, continued efforts to improve joint attributions — both in response time and partners involved — will be key to dissuading further attacks against critical technological infrastructure like satellites. The broader the participants in a joint attribution, the more robust the normative weight of the international framework for responsible state behaviour in cyberspace.95 In addition, continued improvement in information sharing between satellite providers — akin to the national practices in Australia to improve cyber resilience for the telecommunications and financial services sectors — will prove vital, including at the international level.96

Where space meets the sea: Why satellites are part of a bigger picture

As satellites become more prominent, it is critical to consider the role they play in the broader system of telecommunications and digital connectivity. Communications satellites are one of two conduits that can send internet signals across oceans and around the globe. The other conduit is subsea cables, which run along the bottom of the world’s oceans and deliver around 99% of the world’s internet.97 However, with growing concerns over the potential for subsea cables to be a grey zone target for sabotage,98 communications satellites present the only viable international, long-distance alternative to ensure connectivity in the event of cables being cut. In addition, the bifurcation of new subsea cable installations99 and fears around ‘cable spying’100 mean that satellites may well play a larger role as resilience providers for the global flows of data that underpin national economies, even when cables have not been physically damaged. While they carry far less volume than subsea cables, the role of satellites as an important backup system for international connectivity makes them critical to cyber resilience. If a country’s subsea cables are cut, satellites may offer the only avenue for international communications, simultaneously making them potential targets and vital infrastructure. Nations are already exploring satellite networks as an alternative for subsea cable internet connections — particularly small island nations, including in the Indo-Pacific.101

With growing concerns over the potential for subsea cables to be a grey zone target for sabotage, communications satellites present the only viable international, long-distance alternative to ensure connectivity in the event of cables being cut.

Satellites are part of the asymmetric power advantages held by large technology companies

The role of satellites in the broader digital connectivity ecosystem and the concentrated set of satellite suppliers also risks further entrenching the asymmetric advantage large technology companies have when it comes to owning and transmitting large volumes of data. Recently, a series of satellite cloud computing partnerships (see Table 2) have been announced, tying together the major operators of these two infrastructural components and those that also hold some of the most significant troves of data.

Table 2. Examples of major satellite-cloud computing partnerships

Sources: CNBC News; Microsoft; Viasat

This concentration is also evident within one major technology firm and a major player in the satellite industry that has yet to launch a single payload: Amazon. With ambitious plans to launch a LEO fleet of 3,236 satellites, Amazon’s Kuiper program102 would potentially be the biggest player in the LEO satellite industry by 2030, behind only Starlink.103 In particular, Amazon has stated that it will pair Kuiper with the most popular cloud computing service in the world with an estimated 32% of market share: Amazon Web Services (AWS).104

Two important implications emerge from marrying these burgeoning satellite networks with cloud computing in a more dynamic geopolitical context. First, these trends are helping drive an increase in the monopolisation of communications and computing infrastructure as large technology companies become more involved in the hardware that underpins their operations. Second, this further integrates satellite networks into the broader infrastructure and systems of large technology companies that provide enterprise solutions to companies across the globe. As an additional part of this broader system, their cybersecurity is now an important consideration, potentially even for those not directly using these satellite services. This concentration and integration of infrastructure is not bad in and of itself — and can offer important benefits and efficiencies. However, without appropriate oversight and policy controls, it risks giving technology companies unbridled power across a multitude of technological domains, further concentrating authority and risk in a select set of companies.

Policy recommendations: What’s next?

Satellites are not just a growing industry, but increasingly critical pieces of infrastructure that enable communications and underpin economic activity.105 They also offer important backup or redundancy capabilities in the event of natural disasters, attacks or sabotage. But they can only do so if they are secure. Drawing on the lessons of the KA-SAT attack, and the series of cyber-attacks against digital infrastructure more broadly, there is still significant work to be done. The cybersecurity of any system is only as strong as its weakest link.

While there is no silver bullet to addressing cybersecurity flaws — including with satellites — there is a set of practices that countries should have in place to improve their resilience and responsiveness as overall satellite use and greater shared use for civilian and defence purposes increases. In particular, the Australian Government (led by the Department of Home Affairs in coordination with the Department of Defence, Department of Foreign Affairs and Trade and other relevant departments), should encourage its allies and partners to follow its lead in adding satellite systems (as part of the space technology sector) to its set of critical infrastructure sectors,106 thereby mandating important cyber measures for relevant entities.107 While there are concerns that some of these measures are yet to be activated for satellites in Australia,108 with no assets currently defined under the SOCI Act,109 the situation overseas is even less developed.

In the United States, there is ongoing debate over whether satellites should be designated critical infrastructure.110 While some satellites are covered by other critical infrastructure designations (such as communications or information technology), ‘space systems’ are not yet designated critical infrastructure and are tangled up in broader conversations around the governance of space.111 The European Union faces similar challenges, with an ongoing debate over shifting space from ‘crucial’ to critical infrastructure.112

Beyond assigning satellites as critical infrastructure, governments should:

  1. Ensure the appropriate monitoring and assessment processes are in place to guarantee best practices.This can be included in contracts, requiring partners throughout the satellite supply chain to meet certain cyber standards and authorising monitoring mechanisms to ensure ongoing compliance.
  2. Ensure a ‘one is none’ approach to involving private-sector actors in defence satellite networks to build redundancy capability and spread risk in a manner that does not excessively increase exposure by offering additional attack surfaces for malicious actors.
  3. Expand threat intelligence-sharing networks between providers and agencies in national and international contexts, building on the Information Sharing and Analysis Centres (ISACs) used in other cybersecurity areas, to help thwart attacks and build best practices.
    The recent memorandum of understanding between the Australian Cyber Collaboration Centre with the Space ISAC113 is a welcome step (Space ISAC also counts US, Japanese, Israeli, Greek, French and UK government agencies amongst its partners as well as private-sector members). However, with the European Union also recently launching the EU Space Information Sharing and Analysis Centre,114 there is a need for coordination and collaboration between and amongst these different ISACs and their members to ensure rapid and expansive threat and information sharing. Cyber threats do not respect regional boundaries, and information-sharing mechanisms must be similarly flexible.
  4. Promote pathways for international intelligence sharing after cyber-attacks between governments and the private sector to improve preventative responses and allow for accelerated joint attributions against perpetrators. This can include improving the measuring and accounting of cyber harms and violence to evaluate the impact of different actors.
    a. Accelerate cyber attributions after events— including involving as many willing partners as possible to continue promoting responsibility and international norms, as well as adding pressure on malicious actors.
  5. Closely monitor the concentration and integration of satellite capabilities into large technology companies, particularly those used for defence purposes.Clear contracts when using civilian technologies in defence contexts will be important to avoid some of the tension seen in Starlink’s use in Ukraine and to not imperil critical civilian satellite networks where possible.

Malicious cyber actors give little attention to national borders or the distances between them and their targets. The same must apply when it comes to governments learning from major attacks, even if they occur on the other side of the world or target other systems. As satellites become a vital component of broader communications networks — especially in Australia and its region — improving the cyber resilience and security of these systems is of vital importance. Only by proactively learning from overseas incidents and attacks, coordinating with allies and partners to put the appropriate regulatory protections in place, and holding those responsible to account, can governments properly defend their systems.

Endnotes