Cybersecurity in Space is Hard; In Cislunar Space, it’s Really Hard

In space, cybersecurity is hard. Many of the strategies cyber defenders rely on daily to protect terrestrial networks, like centrally managed anomaly detection, regular patching of emergent software vulnerabilities, and replacement of outdated or compromised hardware, are difficult, and sometimes impossible or unaffordable, in orbit.

But in cislunar space between the Earth and the Moon, and on the lunar surface, experts and former officials tell Via Satellite, cybersecurity is going to be even harder. Many of the work-arounds, substitutes, and novel strategies developed to protect assets in orbit — especially the new software-defined Low-Earth Orbit (LEO) constellations— aren’t going to work at the vast distances of cislunar space and with the very different parameters of lunar missions.

For example, unlike the LEO constellations, which tend to refresh their satellite hardware every few years, cislunar infrastructure, in space and on the Moon’s surface, will need to be functional for at least 10 to 15 years. And the huge distances involved, and the communication lags they entail, mean cyber defenses — and everything else — will have to be largely autonomous.

Radio waves take almost three seconds to complete the round trip to the Moon and between six and 44 minutes to Mars and back, explains Sam Visner, chairman of the Space Information Sharing and Analysis Center (Space-ISAC), a non-profit industry association that collects, collates and shares threat information among companies in the space sector. That means autonomy is indispensable.

“When we send a command to drive the rover on Mars, we don't sit there with a steering wheel. We don't send a radio signal which operates a hydraulics system,” Visner explains, “We send high level software commands, and they go to a computer on board the rover, and that computer then interprets them and tells the rover how to execute that maneuver. ‘Go forward, go back, turn left, turn right. Dig for this sample here.’”

This means that cislunar space, even more so than orbital space, is IT intensive and software defined, says Visner. Sensors, telemetry, commands, all are filtered through IT and software.

“If you want to know what's going on in the cislunar environment, you're going to rely on information technology. If you want to know how well your systems are performing, or if they're not performing, or if there's a problem, you will be relying on information technology. Every aspect of operations in that environment is going to be IT intensive.”

But software-defined everything means everything is an attack surface. “The ability to ensure the integrity of the information systems on which everything will depend is going to be critical,” Visner says.

A Complex, Sprawling Attack Surface

NASA has set out its Artemis vision for lunar and cislunar space as a multi-national undertaking. More than 60 countries have signed on to the Artemis accords, a set of broad principles for space exploration; and Canada, the EU, Japan, and the UAE are all contributing astronauts and infrastructure to the Artemis program. In a recent massive Artemis program overhaul, NASA scrapped plans for the Gateway Lunar space station the most multi-national element of the program. Despite the Gateway cancellation, Artemis will still rely on international partners for sections of the Orion spacecraft. And the lunar surface habitat that might replace Gateway as the centerpiece of a multi-mission and eventually long term lunar presence, looks likely to be a multi-national endeavor also.

NASA also says Artemis depends crucially on partnerships with the private sector. And the prospect of lunar commercialization, profit-making activities on the Moon, is generating a lot of excitement among venture capitalists.

But this increasingly sprawling and complex set of stakeholders and participants in the Artemis program creates additional cybersecurity risks, because of differing security standards and the greater potential for insider threats, says Matthew Lamanna, a former U.S. Air Force cyber analyst whose 20 year career culminated as the manager of cyberspace intelligence at the Air Force’s storied Operational Test and Evaluation Center.

“Cyber on Earth is already the Wild West,” says Lamanna, now a co-host of the podcast You’ve Already Been Hacked. “It's hard to hold bad actors accountable, every country has its own set of standards and regulations.”

He argued that it was important to set universal cybersecurity standards from the very beginning of an undertaking like Artemis. “There should be a cybersecurity subsection [to the Artemis Accords], and the rules need to be set up front, so everyone is meeting the same standards from the beginning, because you can't do what we tend to do, and try to bolt it on after the fact,” he says, “That is a recipe for failure.”

In Cislunar Space, Critical Infrastructure Is Really Critical

And the consequences of failure are dire, points out Lamanna. In space, everything is critical infrastructure, and critical means really critical. “Down here, if there’s a cyberattack and you lose power or water for a day or so, it’s bad, but it’s survivable. On the Moon: How long can you go without air?”

But the criticality of life support systems is not unique to the lunar and cislunar environment, Lamanna points out, and NASA has decades of experience engineering resilient, redundant systems. “NASA knows how to do this. They have backup comms, backup power, backup everything. And the backups have backups.”

A government watchdog has sounded the alarm on how a cyber attack could impact NASA. Auditors from the Government Accountability Office found in 2024 that a cyber attack on a NASA spacecraft “could result in loss of mission data, decreased lifespan or capability of space systems, or the loss of control of space vehicles.” The auditors said that although NASA had issued cybersecurity guidance, they had not made it mandatory for programs or incorporated it into their acquisition contracts with vendors.

Nonetheless, the auditors said that in the two elements of the Artemis program they scrutinized, the contracts included requirements related to NASA's spacecraft cybersecurity standards, and required contractors to demonstrate those requirements through testing.

NASA did not make any official available for interview and did not provide written responses to questions from Via Satellite.

But one entrepreneur in the lunar infrastructure business believes that cislunar distances might help cybersecurity. The long delays in data transmission make some forms of cyberattack untenable, according to Christopher Stott, the founder, chairman and chief executive of Lonestar Data Holdings, a Florida-based startup offering data storage and recovery services in cislunar space.

“High latency equals high security,” Stott tells Via Satellite, arguing that the long delays make brute force and password spray attacks — favorite hacker techniques involving repeated attempts to log on with stolen or guessed credentials — impossible, because Transmission Control Protocol/Internet Protocol connections break down if there are delays in transmission. “TCP/IP times out. No brute force attacks. A second is a long time in cyber space,” says Stott.

Indeed, NASA has had to develop new protocols to “bring internet-like functionality to space communications,” the agency says on its website. Delay/Disruption Tolerant Networking (DTN) is designed to keep cislunar and interplanetary networks functioning even when transmission of data packets is delayed or interrupted.

Securing Solutions to the Lunar Power Problem

For the long-term sustainable human presence on the Moon that Artemis ultimately envisages, let alone the successful commercial exploitation of lunar resources, one challenge looms above all others — power.

For non-propulsion power, space missions have traditionally relied on solar energy, but that’s an issue on the lunar surface where night can last an Earth fortnight and temperatures fall to near absolute zero.

NASA and the U.S. Department of Energy have announced plans to build a nuclear reactor on the lunar surface by 2030, but Volta Space Technologies, a startup headquartered in Montréal and with offices in the U.S., has a different vision. The company plans for satellites in orbit around the Moon that will collect solar energy and then transmit it down to customers on the lunar surface using lasers, beaming to special receivers called LightPorts, mounted on habitats, landers and rovers, any lunar infrastructure.

Volta’s lasers can also be used for high bandwidth optical communications, the company says. And it’s working with the Pentagon on military applications.

The first LightPort will be set up on the Moon’s far side this year, thanks to funding from the Canadian Space Agency. It will be carried on the Blue Ghost Mission 2 lander being built by Firefly Aerospace as part of NASA’s Commercial Lunar Payload Services (CLPS) initiative.

Targeted for launch towards the end of the year, Blue Ghost Mission 2 will follow up on Firefly’s first ever fully successful commercial Moon landing last year by Blue Ghost Mission 1. The LightPort on the new lander will validate the company’s concept and show how lunar assets can access Volta’s orbital power grid, says the company’s Senior Director for Global Sales and Business Development Diego Paldao.

Zero Trust in Space

Volta Space starts out with security, he tells Via Satellite, “It's no longer just about designing something that's really cool and useful, it’s about that and then protecting that capability and protecting your customer downstream … Because at the end of the day, it is a laser. We want to make sure it's operated safely and within the parameters of the service we're providing.”

Volta adopted Zero Trust cybersecurity principles, meaning every login, every interaction, is regarded as suspicious.

“We have suppliers working with us, and they're critical to the entire ecosystem that we're developing. But we … have to make our [network] entry points secure,” Paldao explains, even when that creates friction for users. Zero Trust principles dictate that even logged-in users may have to re-authenticate when they request access to sensitive parts of the system. “So even if it may be a little bit onerous, there are cybersecurity requirements that we have in place that our suppliers and partners need to follow,” Paldao says.

Like the Blue Ghost Lander, and the Artemis program itself, Volta’s lunar energy network will be a multinational proposition, says Paldao. Dealing with government and commercial customers from several different countries means thinking differently about cybersecurity. “It’s fantastic to have a bunch of different nations and commercial and government players involved, but ultimately, that requires an architecture that's interoperable but secure as well,” he explains.

The Whole Range of Threat Actors

And that architecture needs to be secure against the whole range of cyber threat actors, says former Defense Intelligence Agency CTO Robert “Bob” Gourley.

“In today's world, any nation with resources to find and exploit [software] vulnerabilities, which is almost all countries, could potentially have the capability to disrupt Artemis,” says Gourley, now CTO and founder of OODA, a strategic advisory consultancy.

Gourley points to hackers linked to Russian intelligence that have attacked international institutions like the Olympic games, and sees the possibility that China might seek to covertly sabotage Artemis in order to demonstrate the superiority of Beijing’s space technology. The fig leaf of plausible deniability offered by cyber operations is growing increasingly translucent as attribution improves, but in certain circumstances, say those of Iran right now, a nation might “decide they do not care,” he says.

And it’s not just nation states, points out Gourley. Ransomware gangs have attacked hospitals and schools, so why would they stop at lunar infrastructure? Even individuals, empowered by AI, might soon be a threat. "Some men just want to watch the world burn,” says Gourley, quoting Alfred in the Batman movie.

“The challenge for NASA is that they must defend against all potential attackers, from nation states to criminal groups and even individuals,” Gourley says.

Space-ISAC, the industry threat-sharing organization, has held table-top exercises simulating a cyber incident impacting lunar infrastructure—a mining facility on the Moon, and a lunar satellite—Visner says.

In the exercise scenario, he explains, the players have to decide whether to spend time and resources figuring out if the incident was just an IT glitch or a cyber attack. “What should be your focus, given the criticality of life support systems? Is attribution important when you only have a few hours to get something fixed? Or do you focus your attention on getting things fixed and worry about attribution and law enforcement issues later on?”

“There are no easy answers,” he says, “but that’s kind of the point. We want to stress test the participants. VS