Jamming, Spoofing, Hacking: Today’s Most Pervasive Counterspace Threats

Jamming, Spoofing, Hacking: Today’s Most Pervasive Counterspace Threats

While speculation about Russian nuclear weapons in space and actual destructive antisatellite tests grab the headlines, experts from two organizations that track “counterspace” activities are pointing out more immediate threats to satellite systems do not require such sophistication. Jamming or spoofing navigation satellites or hacking communications satellite ground terminals is much easier and can be disruptive not just to militaries, but the civilian population.

The Secure World Foundation (SWF) and the Center for Strategic and International Studies (CSIS) have published their separate, but complementary, counterspace capabilities reports for 2024. This is the seventh year for both of them. One notable difference is that the SWF report includes the United States while CSIS’s does not.

At a joint webinar on April 17, SWF’s Victoria Samson and Brian Weeden and CSIS’s Clayton Swope and Makena Young outlined the broad range of counterspace activities they were able to identify from open sources and who’s using them.

The term counterspace generally refers to anything that can prevent a satellite from performing its tasks and range from temporary measures like jamming signals to complete destruction with an antisatellite (ASAT) weapon.

Source: Space Threat Assessment 2024 by Center for Strategic and International Studies.

Public attention on counterspace activities largely focuses on countries with space launch capabilities, but one message from SWF and CSIS is that countries that don’t launch satellites, as well as non-state actors, also can pose a significant threat. Jamming, spoofing and hacking are comparatively easy.

Navigation satellite systems like the U.S. GPS system and its counterparts in other countries — collectively called Global Navigation Satellite Systems or GNSS — are routinely jammed and spoofed. Anticipating such attacks, GPS, for example, is designed with separate frequencies for military and civilian use. The military channels have special protections. The civilian signals, freely available to everyone in the world, are not protected and because GPS is used so ubiquitously, an outage can be extremely damaging for civil society.

“There’s a lot of civilian uses of GNSS systems, primarily commercial aviation, and that is having some significant impacts,” Weeden said. “The multiple reports of the jamming and particularly the spoofing of the GPS for commercial airliners that is then bleeding over and infecting the other navigation systems that are supposed to be the backup alternatives — that is quite concerning.”

Explaining that jamming is “yelling really loud” and spoofing is “mimicking somebody else’s voice — fake them in a conversation,” Weeden said there’s a new variant called “circle spoofing” where the location of a plane or ship is faked to make it appear like they are doing circles.

Jamming and spoofing happen all the time. Swope said “activities that were previously viewed as deviant or outside the norm, it’s just becoming commonplace to normalize now” and that affects trust in the satellite systems.

Hacking or cyber attacks are also becoming common. Russia’s cyber attack on Viasat’s ground terminals at the beginning of the Ukraine war is just one example, Weeden said. Ukrainian “hactivitists … not part of the government” hacked into a Russian communications satellite system and “hacker groups have used satellite systems to exflitrate data” they’ve stolen by compromising someone’s home satellite Internet system. Cyber is one place “non-state actors can shine,” Samson said.

The CSIS report has an entire special section on the “normalization of deviance” in the counterspace arena, where “cyberattacks, jamming and spoofing activities, and unfriendly behaviors in space have now become commonplace and rarely trigger an escalatory or retaliatory response.”

The main focus of the two reports, however, is counterspace capabilities and actions of countries like China, India, Russia, and the United States that have conducted destructive direct-ascent antisatellite (DA-ASAT) tests and have other methods like electromagnetic warfare (EW) to go after satellite systems. SWF lists 12 countries that are the “most active in developing their own indigenous offensive counterspace capabilities and for which there is public evidence of these efforts.” It added Israel for the first time this year.  The CSIS report covers the same countries except it omits the United States.

Source: Global Counterspace Capabilities 2024 report from the Secure World Foundation. LEO, MEO and GEO are Low Earth Orbit, Medium Earth Orbit, and Geostationary/Geosynchronous Earth Orbit.

Israel joined SWF’s list because it “reportedly achieved an exoatmospheric intercept for the first time in November 2023 when it was used to intercept a long-range missile fired from Houthi-controlled Yemen.” It also is employing jamming and spoofing. The CSIS report says “Israel even publicly acknowledged its efforts to interfere with GNSS at the start of the campaign in Gaza.”

It is the destructive capabilities that grab headlines, like Russia’s DA-ASAT test against one of its own satellites in 2021. The resulting debris forced the seven astronauts and cosmonauts — including two Russians — aboard the International Space Station to shelter in their spacecraft in case they had to make an emergency return to Earth.

SWF keeps track of all the debris still in orbit from DA-ASAT tests over the decades conducted by the Soviet Union/Russia, United States, China and India. All the tests have been against their own satellites. China’s 2007 test leads the pack with more than 2,600 pieces still posing a threat to everyone else’s spacecraft 17 years later. The 2021 Russian test created 2,717 pieces of debris and 447 are still in orbit according to the SWF statistics. SWF also has fact sheets about the tests.

Russia’s 2021 test spurred the United States to mount an international effort to get countries to join a pledge not to launch destructive DA-ASAT tests. The U.S. made the pledge in April 2022 and 36 countries have joined since. A much larger number of nations agreed to a similar United Nations resolution in December 2022 by a vote of 155-9.  However, China, India and Russia did not sign the pledge or the resolution.

SWF is leading an effort to get companies to sign a statement encouraging countries not to conduct such tests because of the threat they pose to commercial space operations.

Also getting a lot of attention this year were statements from an influential member of Congress and the White House about the possibility that Russia is planning to put a nuclear weapon in space — which would violate the 1967 Outer Space Treaty — as the ultimate ASAT device. The electromagnetic pulse (EMP) from an exploding nuclear weapon would indiscriminately damage everyone’s satellites, including Russia’s, unless they were specially designed to survive such an attack.

Very little information is available from open sources about what Rep. Mike Turner (R-OH) and the White House were referring to and the SWF/CSIS panel focused mostly on why Russia would develop such a capability.

CSIS/SWF panel, L-R: Makena Young (CSIS), Clayton Swope (CSIS), Victoria Samson (SWF), and Brian Weeden (SWF). April 17, 2024. Screengrab.

Young asked whether it’s an indication that Russia “may be seen as a declining space power” and an “indication that they would be willing to risk their space assets to kind of hold everyone [else’s] hostage in orbit?”

Samson sees it as “an end of game” option. While not the same as exploding a nuclear bomb over Washington, DC,  it would be “very escalatory and provocative.” Considering Russia has 200 or so satellites of its own, including early warning satellites, it would be “shooting themselves in the foot” and “not something I think anyone would undertake lightly.”

Weeden added that it would also destroy China’s satellites and while Russia’s satellite fleet may be declining, China’s is growing by leaps and bounds. “I would love to know what sort of back channel discussions” China and Russia might have had when this came to light, he wondered. Swope summed it up by saying “this just never really added up in my head on why this made sense” and with so little information in the public domain, it’s difficult “to fit the pieces together.”

Looking back over the past seven years of writing these reports, Samson recalled 2018 as “a more innocent time.” India had not yet conducted its ASAT test — that happened the following year — and the last time Russia destroyed one of its own satellites was decades earlier. There were only six countries in SWF’s first counterspace report.  “In the past six years we’ve doubled” that number and “always have a couple of countries on tap” to keep an eye on because counterspace capabilities are “seen as something that major space powers want to have and feel like they need to have. That’s one of the big changes.”

Another big change is the number of satellites in orbit, especially SpaceX’s Starlink with more than 5,000 now, and the increasing dependence on satellites by just about everyone on the planet.

There were “more space launches last year than any prior year, more satellites in space than ever,” Swope commented, and that means “people are only more interested in threatening space systems for whatever purpose — national security or economic gain.”  As the CSIS report highlights, some counterspace actions, like jamming, spoofing and hacking, are becoming normalized. “That’s the biggest thing that I think for me is the takeaway here.”

Weeden ended on a somewhat positive note that the SWF and CSIS reports have raised awareness around the world. “Are we getting to the solutions part of this? I’m not quite sure on that. But, hey, at least we know we’re talking about it a little bit more and there’s more discussion.”

User Comments



SpacePolicyOnline.com has the right (but not the obligation) to monitor the comments and to remove any materials it deems inappropriate.  We do not post comments that include links to other websites since we have no control over that content nor can we verify the security of such links.