“You really gonna park right on top of me like that man?”

Russian spy satellite reportedly continues suspicious maneuvers


tl;dr – pretty short and simple: a Russian satellite has repositioned several times over the past year and each time has been located very close (as close as 20km) to 10 communication satellites owned by US, European, and African agencies

I found this article to be related to the conversation we had in last week’s class about how satellites are typically not designed to be “protected” against close visual inspection, so they rarely obscure hardware details and markings that could be informative to adversaries seeking to develop exploits against the devices. Here this week we see an article directly related to that, as this Russian (allegedly) spy satellite spending time right near other satellites.

There are multiple threat models we could consider here. On the one hand, consider that the procurement processes (at least should be) severely locked down, so being able to get close and see that hardware like we discussed last week could be a way for adversaries to develop capabilities against a satellite. Ironically, it might be easier to do a flyby to collect information about vulnerabilities than it could be to hack into the systems related to the satellite procurement and development process and learn about the specific hardware implementations that might have vulnerabilities.

On the other hand, it relates to a separate concept we talked about last week – that RF communications between satellites and ground stations are blasted out into the ether for anyone to hear. Unlike point to point cabling, which occupies a specific physical space, the way satellites and ground stations communicate is by propagating radio frequency waves into the environment in the direction of the intended recipient. This opens up a threat model whereby an adversary could easily position itself to where it can also receive those same RF communications. Ideally, those comms should be encrypted but when we’re talking about nation-state level adversaries, security is not a state but a spectrum.

One could certainly conceive of a scenario where an adversary might bounce around surveying particular communications links to gather data, then throw any encryption breaking capabilities they have at that data to try to find a more permanent parking place for said satellite.