Hackers Target Satellites 

Uploaded on 2023-09-04 in TECHNOLOGY--Hackers, INTELLIGENCE--International, FREE TO VIEW

Hundreds of miles above Earth, thousands of satellites are orbiting the planet to keep the world running smoothly. Timing systems, GPS, and communications technologies are all powered by satellites. But for years, security researchers have warned that more needs to be done to secure the satellites against cyber attacks.

US intelligence agencies has now issued a warning about foreign spies targeting the American space industry as well as cyber attacks against the nation's satellite infrastructure.

The US Office of the Director of National Intelligence (DNI) , along with the FBI, the National Counterintelligence and Security Center (NCSC) and the Air Force Office of Special Investigations, has published a warning about increased attempts to attack both satellites in orbit and the intellectual property of companies developing space technologies. The NCSC lists a variety of ways that foreign intelligence agencies can gain access to the space industry in order to acquire access to expertise or new technologies. 

Some of the spying methods listed are seemingly innocuous, such as approaching space industry experts at conferences or contacting them through online forums to elicit information. Some of the methods listed are more explicit, such as carrying out cyber attacks or hacking into private networks to steal intellectual property. 

The DNI statement offers a set of guidelines to help private companies mitigate any potential damage these espionage attempts might cause.

The warning comes just about a month after three teams at the DEF CON 23 convention in Las Vegas managed to hack a US government satellite in orbit. Those attacks were conducted with the full permission of the government as part of the US Space Force’s Hack-A-Sat competition. Three of the teams that successfully breached the security of the orbiting satellite were awarded up to $50,000 in prize money for demonstrating how such an attack could be conducted.

This was the first time that hacker groups were able to prove that it was now possible to circumvent the cyber security protections of satellites in orbit.

The DNI warning states that “Foreign intelligence entities (FIEs) use cyber attacks, strategic investment (including joint ventures and acquisitions), the targeting of key supply chain nodes and other techniques to gain access to the US space industry.”

Securing satellites and other physical space systems faces many of the same challenges as securing other critical infrastructure systems: You typically need physical access to the equipment to make software upgrades. Satellites are designed to orbit the Earth for years and the tech stacks they rely on can easily become out-dated and affected by new security problems.

DNI:    DefenseOne:      Axios.    Wired:    Space.com     Techcrunch:        Image: David Mark

You Might Also Read:

Cyberwar: Lessons From Ukraine:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Virtual Event: How to make SIEM grow with your organization
Hackers Hit British Defence Ministry »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

National Cyber Security Centre (NCSC) - Netherlands

National Cyber Security Centre (NCSC) - Netherlands

NCSC Netherlands coordinates enhancing the cyber resilience of the Netherlands in the digital domain.

Intelligent Waves

Intelligent Waves

Intelligent Waves holds and manages contracts to provide an array of intelligence, operational, communications and IT support to the USG in austere, forward-deployed, hazardous duty environments.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

Carbide

Carbide

Carbide (formerly Securicy) breaks down enterprise-class security and privacy requirements and makes them accessible to, and achievable by, companies of all sizes.

National Cybersecurity Student Association (NCSA)

National Cybersecurity Student Association (NCSA)

The National Cybersecurity Student Association is a one-stop-shop to enhance the educational and professional development of cybersecurity students through activities, networking and collaboration.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

INVISUS

INVISUS

INVISUS protects businesses against the latest cyber risks – including business and employee identity theft, data breaches, and cybersecurity compliance.

NSR

NSR

NSR provide trusted solutions that deliver positive business outcomes for our clients in cybersecurity and data protection challenges.

Symbol Security

Symbol Security

Through situational learning, simulations, and a gamified user experience, Symbol strengthens the cyber awareness of employees and helps companies lower cyber risk.

ID R&D

ID R&D

ID R&D is an award-winning provider of AI-based facial liveness, document liveness, and voice biometrics.

Saffron Networks

Saffron Networks

Saffron Networks is an ISO-certified company. We assure our clients of reliable solutions, specifically with the Security landscape and Enterprise Networking.

Royal United Services Institute (RUSI)

Royal United Services Institute (RUSI)

The Royal United Services Institute is an independent think tank engaged in cutting edge defence and security research. Areas of research include cyber security and resilience.

Mindgard

Mindgard

The Mindgard Security Copilot platform secures your Artificial Intelligence, GenAI and LLMs.

Alchemy Security Consulting

Alchemy Security Consulting

Alchemy Security Consulting specialise in offensive and defensive cyber security. We find the weak link in your security so you can patch it up fast and avoid being hacked.

Quotient

Quotient

Quotient builds digital experiences that empower and inspire the American people by understanding their needs, simplifying complex technical solutions and adapting to how they work, live and learn.