Each time, like a kid, I am impressed by each launch and land from Space X. As a cybersecurity expert, I am always thinking what if a launcher is hacked ? In this article you will find how it could be hacked.
Why hacking a rocket ?
To understand why it could be a problem to hack a rocket, we need to understand the way we came up to build rockets. It was first used to deliver explosive payload. The first know one coming from China in the 13th century.
During WW2, V2 rockets were produced by Germany and were guided and launched mainly to attack UK. After the end of the war both Germany and Russia used German rockets specialists to develop ballistic missiles which later bring to develops rockets to access Space.
Having the capacity to launch rocket to space is limited to the most advanced nations in the world. Proving you can hack a rocket will both show you can access to ballistic technology and show cyber offensive superiority to the world.
Hacking a rocket
Targeting the Rocket
As a cybersecurity expert, the first idea would be to attack directly the rocket. The first thing to do would be to use an analyzer to test the frequencies that is used by the rocket. For this, you can easily buy on Amazon this kind of analyzer.
Then you will have to find which protocol is used to communicate with the rocket. And then you will have to hack the communication protocol to get the information sent and received by the rocket. You will obviously find really hard protocol to crack. But the fact is, whatever the protocol, it is always possible to break it, it is just about time and money. And here is the first nearly impossible challenge, you will have only between 20 and 120 minutes to find the way to hack it, time which the rocket is live.
So clearly, targeting the rocket during the launch looks like science-fiction, even if you have a lot of money.
Targeting the Launch Control Center
So if it is hard to break the communication and related protocols, the next step is to understand how to hack directly the Launch Control Center.
And it makes sense, because the Launch Control Center is online most of the time. It monitors rockets, make preparations, do tests before flights. You will get more time to hack it. But once inside, as many critical command and centers, there is probably a SOC for Security Operating Center, that will detect you are attacking and it will be able to react to it, preventing to then make a rebound on the rocket.
But let’s imagine, however, you was able to be quick enough that the SpaceX SOC could not react. In that case, it is just easy to get the control of the rocket … or not. In fact, minutes before in order to optimize safety and resilience, the Falcon9 monitors itself and even takes the final decision to do the launch.
So if you could break in that facility, you won’t be able finally able to get the control of the rocket, because of the way the rocket is designed.
Targeting the projects
So, the most probable way to hack a rocket is by attacking SpaceX organization directly and the process of designing the rocket. Like many critical companies, huge efforts were made to secure the HQ. In fact in 2018 most of the biggest attacks in the world were done throw third parties. The way of doing is to infiltrate the IT Systems and networks of companies working for SpaceX and then make rebound to SpaceX.
But SpaceX mainly designs it’s systems internally and limit the number of third parties. Which limits the exposition to attacks
Targeting the components
Another way would be to work on modifying the components that are on board, in order to change the way the rocket is going to act. The idea is being able to provide a component that is going to change the way it works during a flight. This will make the rocket take another course.
But that won’t be enough, as many critical systems, you often have redundancy. It means each component is doubled or tripled, in case one is failing. And because, that kind of mission is critical, it is not rare to not double with exactly the same component, but a similar one designed by another team, to reduce the risk failure. So it means, you have to get more than one person infiltrated.
So, clearly Falcon9 from SpaceX can’t be hacked from your simple computer. You will need to infiltrate SpaceX with many persons. And this is clearly more linked to sabotage activities, available in that context more to foreign Intelligence Agencies like China or Russia.