SpiderOak Reports Successful On-orbit Testing of New Security Software

On June 22nd, SpiderOak reported a successful on-orbit test of its new OribitSecure software that is currently running on a Ball Aerospace payload in low-earth orbit.

SpiderOak is a US based online backup and file hosting service that claims it’s software uses fully encrypted cloud storage. The software being tested in this most recent on-orbit demonstration was the ‘OrbitSecure’ software. Orbitsecure is designed to limit disruptions to in space communications by “downsizing the attack surface of space operators.” This is a largely software based approached to space cybersecurity that could have big implications on the industry if proven successful. What makes the Orbitsecure platform unique is that the encryption is being applied at the data level. Charles Beames, an executive for SpiderOak explains that , “each data record is encrypted and stored in a digital ledger. Only someone with the appropriate encryption key can access a specific record.”

This article displays some of the inherent risks associated with data storage in the space industry and why cyber risk will always be an important topic. With newer and larger space systems launching each year the data sizes of the products will only be increasing as well. With that comes the need for increased data storage for these encrypted products. A third party data storage and encryption solution like this one is an interesting solution, as it could allow for companies in the future to not worry as much about cybersecurity concerns, and simply purchase software that could handle the encryption-decryption for them. However, with this comes the associated risk of the data passing through more hands than it may need to. Additionally, if multiple missions or companies are using similar software for their encryption needs and a breach occurred, there would be tons of missions at risk of losing data.

The US Space Force has requested 700 million dollars in the 2024 budget for cybersecurity that is being reported to be spent on cybersecurity software, hardware and training resources.