Image: NASA

White House should designate space systems as critical infrastructure: Cyberspace Solarium Commission

The U.S. should formally name space as a critical infrastructure sector and take steps to protect satellites and other space systems against cyberattacks, according to a study from the influential Cyberspace Solarium Commission.

“Designating space systems as a U.S. critical infrastructure sector would close current gaps and signal both at home and abroad that space security and resilience is a top priority,” the report states, adding that space “clearly” meets the threshold for the designation as it has become more enmeshed in the U.S. military and economy.

Since no single federal entity is responsible for securing space systems, such as ground stations and satellites, against hackers, the White House should designate space as the 17th critical infrastructure sector and tap NASA as its “sector risk management agency” to provide oversight, the panel argues. Current critical infrastructure sectors include dams, transportation systems, the chemical sector and communications.

“Major portions of American space systems are still not designated as critical infrastructure and do not receive the attention or resources such a designation would entail,” according to the study’s executive summary. “The majority of today’s space systems were developed under the premise that space was a sanctuary from conflict, but this is no longer the case.”

The Cyberspace Solarium Commission was created by Congress in 2019 and led by a bipartisan group of lawmakers. It sunsetted at the end of 2021, but continues to issue reports and recommendations as a nonprofit.

There have been a spate of recent developments that could give the commission’s new recommendations momentum on Capitol Hill.

Russian hackers targeted the satellite company Viasat at the beginning of Moscow’s unprovoked invasion of Ukraine in an effort to disrupt communications.

The Homeland Security Department also recommended that policymakers consider creating new critical infrastructure sectors for space and bioeconomy. And the National Security Council is currently hammering out a rewrite of the presidential directive, PPD-21, that decides what sectors receive the critical infrastructure tag.

The report notes the need to mitigate "unique cybersecurity challenges that stem from the geographic and technological particularities of space."

"Substantial investment through congressional appropriation will be imperative because policy without resources is merely rhetoric,” it adds.

To that end, the commission recommends Congress should provide NASA an initial investment of $15 million annually, along with 25 full-time employees, to assume its new risk manager duties. However, the panel cautions against granting the agency any new regulatory powers, instead suggesting the Congressional Research Service comb through existing statutes and come up with legislative ideas.

It also urges the space sector to create a coordinating council to help facilitate information sharing between industry and the federal government.

“The threat from Russia and China is growing,” the report states. Both those authoritarian powers have placed American and partner space systems in their crosshairs, as demonstrated by their testing of anti-satellite (ASAT) capabilities. The United States needs a more concerted and coherent approach to risk management and public-private collaboration regarding space systems infrastructure.”

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Martin Matishak

Martin Matishak

is the senior cybersecurity reporter for The Record. Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community. He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.