The connection between cyber threats and damage to space is very direct

This is what Prof. Yitzhak Ben-Israel said at the "Cyber ​​and Security in Space" conference - a Yuval Na'eman workshop for science, technology and security that dealt with security in space. Ram Levy, a research fellow at the Yuval Na'aman workshop described such an attack on the BBC broadcasts in Persian

"The connection between threats of cyber terrorism, or in the vernacular - cyber, and damage to space assets is very direct. This is what Major General (resp.) Prof. Yitzhak Ben-Israel, head of the Yuval Na'eman Workshop for Science, Technology and Security, said at a meeting dealing with the topic of space security. "Today it is clear that assets in space can be damaged in all kinds of ways, including, among other things, by damaging the computers that control these satellites - not necessarily the computers that are flown inside the satellite. For example, it is possible to damage the ground station that communicates with him, gives him instructions, tells him where to take pictures, or which channels to transmit if it is a communication satellite. As we know today, all ground stations are managed and controlled by computers, and if I want to hit a satellite in space, instead of an anti-missile missile, which not many countries know how to do, it may be easier to attack the ground station that controls the satellite with a virus and do irreversible damage."

"This is an example of warfare in the cyber world whose real damage is physical damage. Until recently we talked about cyber as a fight against the information stored in computers. The counter technique is information security - or a way of protecting the computers or the means of communication for the computers or all kinds of intermediaries - servers, etc. Cyber ​​security is perceived by most of the public as something that belongs to information security. Recently, the concept has entered that the damage that can be caused by the techniques of viruses and harmful software is not only to the information stored in the computers, but also physical damage to the systems."

"Whoever steals credit card numbers, steals information from a website that did not keep the credit card numbers well enough. What do we do after that with the information? In the case of the hacker known as the "Saudi", they did not want to do financial damage, (something that is difficult because the credit companies block the possibility) but mainly psychological damage. Everyone started talking about an online war between Saudis, Palestinians and Israelis. On the other hand, the damage done to the centrifuges in Iran is not related to information security: no one stole or disrupted the Iranian nuclear information, but in this case a computer worm damaged the computers that monitor the spin speed of the centrifuges and as soon as it came to the conclusion that it is in an area where there are centrifuges that speak Persian, it does damage. In other places, and there are hundreds of thousands of computers she reached, she went to sleep and did not cause any damage.

"The damage was not, as mentioned, damage to the information, but the destruction of the centrifuges that were allegedly not connected to the outside world. It turns out that there is almost no computer that is not connected to the outside world. There are things that need maintenance, but there is a network of technicians, this is a weak point that anyone who is smart enough can penetrate through."

"A thought that has arisen in me recently after the work we did for the Prime Minister is quite worrying - it is clear that these computers are not going to leave us. Still Moore's Law, according to which computing power doubles while the price remains the same, is still in effect and it doesn't look like the graph is going to straighten out. In 10-15 years we will reach chips with a thickness of a single atom and even then we will not stop, because there will be quantum computers hundreds of thousands times more powerful than today's computers. The experts are talking about a quantum computer whose number of registers will be similar to a normal computer, but its speed will be 10 times to the power of 30.

Ray Kurzweil and others think that within 10-20 years we will pass this limit. The computers will surpass the performance of the human brain. The physical dimensions are getting smaller and smaller - we can put very powerful computers into the human cell, I don't know how much we will resist the temptation to fix all kinds of human defects with chips. There are even Israeli startups that give the beginning of the road - for example, treatment of various types of blindness that result from the fact that the light falls on the retina and the nerve cells that need to carry the pulse to the brain do not work, and in their place a chip is implanted that will do it."

"There are people who make a living from trading algorithms. Not long ago there was a denial of service attack on the exchange but the exchange continued to work. The stock exchange is managed by a computer. When the stock exchange's computer senses that there is a certain drop in rates, it stops trading in the stock for three quarters of an hour or even a day. All these commands continued to run and perform automatic actions, even though the system was under attack. In the future, these programs will also be able to use the capabilities that Bam introduced in Watson, read newspapers in a free language and understand by themselves what the trends are and buy or sell shares accordingly without human intervention. Such a computer can bring down economies, interfere in political considerations and even start a war."

"Computers are on the verge of such great complexity that they become unpredictable. In my opinion, if we talked about an ethical code in space - we are in the next 10-20 years facing this kind of transformation that is entirely technological, without giving such and such human qualities to the computer. It starts to approach the story of Hal, the computer in the movie A Space Odyssey. In the film by Stanley Kubrick and Arthur C. Clarke, a group of people go on a mission in space and there is a computer that takes care of their lives. The computer comes to the conclusion that for the sake of the mission it should turn off some of the people. I think we are not far from that." Prof. Ben-Israel concluded.

It turns out that this is not just a theoretical threat. According to Ram Levy, a research fellow at the Yuval Na'eman workshop for science, technology and security, and a cyber consultant for the National Research and Development Council: "In 2009, the BBC network decided to open a version in Persian. They started broadcasting on 5 satellites, some of them European - owned by France. The Iranians started disrupting those broadcasts without shame, even though IRIB - the Iranian Broadcasting Authority, uses exactly the same satellites to spread propaganda to the West. As a result, Eutelsat decided to transfer the BBC broadcasts to esoteric receivers, which meant that they only reached 15% of the viewers in Iran. Information leaked to WikiLeaks showed that a targeted disruption was made."

The BBC therefore decided to go online. The reaction of the Iranians was to disrupt the broadcasts both in the television format and in the internet format. The Iranians are developing their own cyber capabilities, calling it defensive capabilities. According to publications - this is a group within the army, as well as an unofficial group of hackers, but apparently there is a connection between CYBER ARM and the Revolutionary Guards. They take the issue seriously and develop antivirus. They disrupted the satellite FEED as well as launched a DDOS attack on the British network servers and also tried to attack the BBC switchboard in London through automated dialing.

"The CEO of the BBC said that it is difficult to identify or prove the source of the attack, but the coincidence proves that it is Iranian elements who want to block, and are expanding the methods of operation. The answer was given later when a mysterious entity disrupted IRIB operations including their English language channel PRESS TV, and the Iranians blamed British technicians working in Bahrain. "

"A cyber attack is an attack aimed at disrupting day-to-day activities, and those processes can be attacked by computers. If I want to attack a TV channel, you don't have to attack the satellite itself, which is 36 thousand kilometers in space, but you can disrupt all the processes along the way. For example, if there is no electricity to the ground station - I prevent the transmission of the satellite."

"Why attack satellite systems - because satellites are important, all banking operations are done using a GPS signature, satellites are used for communication, and more. The interests in damaging the satellites are clear: there are about a thousand active satellites, half of them American and of this half - a quarter are military satellites, and there are many dual-use satellites. Why use cyber attacks - it is very difficult to attribute the source of the attack to the attacker. It's a remote attack, very cheap, but it requires a lot of in-depth technical knowledge, you need to know what the system's weaknesses are."

"One of the ways to damage satellites is by inserting fake components into the system so that they also contain a hostile element, without the satellite operators knowing it. The space industry is a very traditional industry. The long life cycle of the systems means that they need maintenance so there are many places to enter. The Ministry of Defense announced that they discovered thousands of fake components in the next generation of GPS satellites, and all kinds of systems with fake components caused delays in the program."

"what can we do? Two things: firstly to raise awareness, and secondly to start carrying out proactive attacks and see if our systems are immune - not only the computer itself but also all the systems that support the satellite system. There must be a dialogue between academia, industry and government users to find solutions to the problems, as well as build a database of attacks so that we can create correlations and thus also identify the next attack." Levy concludes.