Boeing’s Starliner Extended Stay in Space

Boeing’s Starliner achieved a major feat—bringing astronauts to the ISS. Yet, not all its publicity is good. During its maiden crewed test flight on June 5, 2024, five thrusters did not work and there were a series of helium leaks occurring. The helium leaks were caused by faulty seals while the reason for the thrusters not firing is unknown. As engineers work to verify that the Starliner is safe to return to Earth under “nominal” conditions, the test flight is now likely to be extended from 8 days to at least a month and half. NASA and Boeing are now clarifying to the public that the astronaut Sumi Williams and Butch Wilmore are not stranded in Space and there are multiple options for their safe return to space. However, the organizations do intend to have the astronauts return on the Starliner and utilize the extended time in space to gather even more data and run more tests. 

This story highlights many cybersecurity implications in the near term and future. Currently, there is increased communication between NASA and Boeing as they try and resolve the current issues on Starliner. Adversaries could take advantage and target this communication, which could provide insights to the Starliner’s design. Getting even bits and pieces of this valuable information could be detrimental to both organizations, as other companies could use this to steal aspects of the Starliner’s design. Additionally, the failed thrusters were made by Aerojet Rocketdyne and are vendor components. This highlights a possible vulnerability in the vendor or supply chain and adversaries could see this vendor as a weak link and see if they can further expose or target them. 

In the future, adversaries could target human-flight spacecrafts to hold astronauts captive or prevent them from leaving space. This could be taken advantage of as our desire to expand to Mars and beyond grows. The further from Earth, the longer delays in relaying communication between the ground station and the astronauts. If there is a cybersecurity attack, there will be a decrease in ability for diagnosis as it will take longer for the problem to be made aware.