Cyber-Attacks In Outer Space: Ai-Driven Warfare And India’s Role In Shaping Legal Norms

Anirudh Sharma, BA LLB, Chaudhary Charan Singh University

ABSTRACT

Recent incidents show that the outer space is increasingly vulnerable to cyber-attacks. In 2022, thousands of satellite modems (“KA-SAT”) were disrupted by a ransomware attack linked to state-sponsored actors1. Similarly, SpaceX reported jamming of Starlink terminals in Ukraine, underscoring the feasibility of electronically targeting satellites2. These events expose gaps in the Cold-War era legal regime: the 1967 Outer Space Treaty (OST) and 1972 Liability Convention were drafted before cyber threats or AI-enabled systems were envisioned3. In particular, OST relies on human consultation (Article IX) and liability for physical damage, neither of which easily accommodates fast, autonomous cyber-attacks. Scholars note the Liability Convention’s “blind spot” it holds a launching state strictly liable for harm on Earth regardless of causation, meaning an innocent state could bear the cost of damage caused by a third-party cyber hijacker4. Meanwhile, autonomy and AI in space exacerbate complexity: US plans for fully autonomous satellites highlight how AI can help evade attacks (by altering orbits, detecting hacks, etc.),5 but also raise questions of responsibility when AI makes split-second decisions absent human oversight6. This article examines these challenges, assesses India’s legal measures (e.g. the IT Act 2000, the new Digital Personal Data Protection Act 2023, and a draft Space Activities Bill) and diplomacy (G20 space initiatives, COPUOS contributions, GPAI membership) aimed at securing space assets.