The significance of cybersecurity in the outer space domain ties into international interest in maintaining international peace and security through secure, trusted, and resilient technology. Where the advent of Space 2.0 has brought forward significant transformational changes in accessing and utilising space, this has been founded upon the effects of the Fourth Industrial Revolution. The synergy and interplay between these two movements has driven the proliferation of small, affordable, and interconnected technologies across the final frontier, while blurring the line between the physical and digital worlds.
Space systems and technologies remain reliant on information systems and networks, spanning from design conceptualization to manufacture and procurement, launch and flight operations. However, the ability of space actors to leverage upon the benefits offered by space applications is contingent upon maintaining confidentiality, integrity, and availability – ensuring uninterrupted, trusted, and complete control over technology and systems.
Space systems face a diverse range of cyber threats including denial-of-service attacks, signal jamming, spoofing GPS data, or unauthorized guidance and control; the consequence of which may include loss of mission data, decreased capability or disabling of space system, loss of positive control of space vehicles, and prospect of kinetic damage. This underscores a variety of underlying cybersecurity issues including information security, security-by-design, and supply-chain security concerns.
In recognizing the evolving threat of Grey Zone operations in cyberspace, and increasing reliance upon space-based and adjacent ICTs, actors operating in both domains must cooperate to advance responsible state behaviour as founded upon the application of existing international law and agreed norms of behaviour.
At the multilateral level, guidance on responsible state behaviour is elicited through Article 2(4) of the UN Charter prohibiting the use of force, and authoritative principles of International Humanitarian Law. This has been reinforced by growing international consensus under the UN cybersecurity Open-Ended Working Group, releasing a non-binding report on recommendations for advancing peace and security in cyberspace.
Under international space law, extending cyber norms and principles extraterritorially to space activities is founded upon Article III of the Outer Space Treaty, and contingent upon the willingness of states parties to interpret and uphold relevant principles of international cyber law in space. Article IV’s prohibitions on weapons of mass destruction, and emphasis upon the use of space “exclusively for peaceful purposes”, opens the possibility for interpretations on prohibitions against offensive cyber operations and potential classification of cyber-weapons as Weapons of Mass Destruction.
Noting the absence of definitive principles, Cyber-Space jurisprudence represents a nascent and developing area of international law – one tied to ongoing efforts on the Prevention of Arms Race in Outer Space, and in discussion under UN and the International Telecommunications Union. Areas for future consideration concern the interplay between Cyber, ICT, and human rights – addressing the evolving impact of cyberspace activities upon the use of space applications in realising human rights values and principles.