Frazer-Nash Consultancy released a detailed paper warning that space-based solar power (SBSP), which promises to deliver consistent, around-the-clock energy and generate significant revenue, could face a wave of cyber and physical threats. As nations increasingly view these power systems as a critical pillar of their energy infrastructure, the report explores the geopolitical, social, and security challenges surrounding their development, including sabotage, extortion, and public misconceptions, while outlining high-level risk mitigations to protect these systems in a contested orbit.
Titled ‘Securing Space-Based Solar Power as Critical National Infrastructure,’ the Frazer-Nash document identified that SBSP systems represent a transformative technology with the potential to provide continuous, reliable power to national grids, impacting energy markets and critical infrastructure. These systems, like other critical energy infrastructures, are likely to become attractive targets for well-funded and organized adversaries throughout their lifecycle.
The 33-page paper recognizes that the adoption and security of SBSP technology will heavily depend on public perception, especially regarding the safety and trustworthiness of power-beaming technology. The threat landscape for SBSP systems will evolve as adversaries develop more advanced tools and tactics, though resilience is also expected to improve with better counterthreat technologies.
Security measures for SBSP platforms must take a system-of-systems approach that addresses vulnerabilities across the supply chain, ground-based facilities, network infrastructure, and in-space assets. Collaborative international agreements can help mitigate risks and unlock SBSP’s full potential, while the strategic sharing of power sources could enhance protection against hostile state actors. The early adoption of security standards, such as IEC 62443 and cyber-informed engineering, will be critical to building secure and resilient SBSP systems from the outset.
Mitigating insider threats through a strong security culture and limiting opportunities for insider exploitation will also be essential. The physical location and structural characteristics of SBSP systems in orbit inherently limit certain types of threats compared to terrestrial energy infrastructure. Finally, the risk of creating dangerous space debris, known as the Kessler syndrome, will in some cases deter aggressors from launching kinetic attacks against SBSP platforms.
The Frazer-Nash paper mentioned that SBSP systems will inevitably influence strategic and political issues in orbit, reshaping international energy security and the broader field of astropolitics. Proactive engagement and transparent communication will be vital to address public concerns and build lasting support for SBSP initiatives. Ensuring compliance with both international and national regulatory frameworks will be essential for secure and lawful operation. At the same time, questions around neocolonialism and how power is shared among states must be carefully considered to avoid geopolitical imbalances.
It identified that nation-states, organized criminals, hacktivists, activists, and insiders pose potential threats to SBSP systems. Ground stations face vulnerabilities that could include the loss of safety systems, unauthorized spacecraft control, and theft of critical equipment, requiring strong security measures and strict regulatory oversight. In-orbit systems are exposed to risks such as unauthorized remote access, control hijacking, and even physical attacks, which call for engineering-grade protections and defensive systems.
Looking ahead, advancements in artificial intelligence, quantum computing, and counterspace capabilities will continue to reshape the threat landscape. Continuous monitoring and adaptation will be necessary to keep these evolving risks in check.
The document noted that state actors will continue to target critical national infrastructure, building specific tools that target the operational technology used. Recent malware tools such as Pipedream are modular, allowing them to be easily updated to target different hardware. This is likely to continue with tools that target common traits/libraries shared by multiple vendors of OT hardware.
AI advancements are also lowering the bar for entry into attacking OT, while commercially available generative AI (GenAI) is capable of teaching/helping users to understand OT hardware and how it works, and is also capable of producing simple python and shellcode that can be used maliciously. There have also been attempts at producing malware. Malicious actors will almost certainly be producing their own GenAI that will not have the moral limitations set by the commercial versions.
Over the next 10 to 20 years, Frazer-Nash expects the emergence of AI-generated malware and increasingly complex shellcode, much of it created by low-skilled hackers. In addition, the ability to use native shellcode elevates the unskilled hacker’s ability to live off the land, making it harder to detect them.
The Frazer-Nash paper lays out a series of recommendations to help secure SBSP platforms. It calls for integrating cyber-informed engineering principles throughout design, construction, and operation. Internationally recognized cybersecurity standards, such as IEC 62443, should be adopted to establish a strong baseline. Comprehensive risk assessments are essential, along with early engagement with regulators and adherence to frameworks like the NCSC’s Cyber Assessment Framework or the NIST Cybersecurity Framework.
Multinational partnerships and energy-sharing agreements can improve security and resilience. Public engagement, informed by lessons from past infrastructure projects, is vital to build trust and limit activist opposition. Robust cybersecurity across the entire supply chain is another critical priority.
The paper also urges planning for post-quantum cryptography to stay ahead of future threats. Fostering a security culture that reduces insider risk is key, along with continuous threat monitoring to stay aware of an evolving and increasingly complex threat landscape.
