Hackers Target Satellites 

Hundreds of miles above Earth, thousands of satellites are orbiting the planet to keep the world running smoothly. Timing systems, GPS, and communications technologies are all powered by satellites. But for years, security researchers have warned that more needs to be done to secure the satellites against cyber attacks.

US intelligence agencies has now issued a warning about foreign spies targeting the American space industry as well as cyber attacks against the nation's satellite infrastructure.

The US Office of the Director of National Intelligence (DNI) , along with the FBI, the National Counterintelligence and Security Center (NCSC) and the Air Force Office of Special Investigations, has published a warning about increased attempts to attack both satellites in orbit and the intellectual property of companies developing space technologies. The NCSC lists a variety of ways that foreign intelligence agencies can gain access to the space industry in order to acquire access to expertise or new technologies. 

Some of the spying methods listed are seemingly innocuous, such as approaching space industry experts at conferences or contacting them through online forums to elicit information. Some of the methods listed are more explicit, such as carrying out cyber attacks or hacking into private networks to steal intellectual property. 

The DNI statement offers a set of guidelines to help private companies mitigate any potential damage these espionage attempts might cause.

The warning comes just about a month after three teams at the DEF CON 23 convention in Las Vegas managed to hack a US government satellite in orbit. Those attacks were conducted with the full permission of the government as part of the US Space Force’s Hack-A-Sat competition. Three of the teams that successfully breached the security of the orbiting satellite were awarded up to $50,000 in prize money for demonstrating how such an attack could be conducted.

This was the first time that hacker groups were able to prove that it was now possible to circumvent the cyber security protections of satellites in orbit.

The DNI warning states that “Foreign intelligence entities (FIEs) use cyber attacks, strategic investment (including joint ventures and acquisitions), the targeting of key supply chain nodes and other techniques to gain access to the US space industry.”

Securing satellites and other physical space systems faces many of the same challenges as securing other critical infrastructure systems: You typically need physical access to the equipment to make software upgrades. Satellites are designed to orbit the Earth for years and the tech stacks they rely on can easily become out-dated and affected by new security problems.

DNI:    DefenseOne:      Axios.    Wired:    Space.com     Techcrunch:        Image: David Mark

You Might Also Read:

Cyberwar: Lessons From Ukraine:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Virtual Event: How to make SIEM grow with your organization
Hackers Hit British Defence Ministry »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

PSC

PSC

PSC is a leading PCI and PA DSS assessor and Approved Scanning Vendor.

PECB

PECB

PECB is a certification body for persons, management systems, and products on a wide range of international standards in a range of areas including Information Security and Risk Management.

National Cyber Security Authority (NCA) - Saudi Arabia

National Cyber Security Authority (NCA) - Saudi Arabia

The NCA is the government entity in charge of cybersecurity in Saudi Arabia and serves as the national authority on its affairs.

CIRISK

CIRISK

CIRISK offers a wide range of services from consulting to audit or project management to help you develop your cyber security or information security strategy.

Knowledge Transfer Network (KTN)

Knowledge Transfer Network (KTN)

KTN links new ideas and opportunities with expertise, markets and finance through our network of businesses, universities, funders and investors.

Emagined Security

Emagined Security

Emagined Security is a leading provider of professional services for Information Security and Compliance solutions.

Rhino Security Labs

Rhino Security Labs

Rhino Security Labs is a top penetration testing and security assessment firm, with a focus on cloud pentesting, network pentesting, web application pentesting, and phishing.

Pivot Technology School

Pivot Technology School

Pivot Tech offers Data Analytics, Software Development and Cyber Security training in boot camp style cohorts.

ArmorCode

ArmorCode

ArmorCode's intelligent application security platform gives us unified visibility into AppSec postures and automates complex DevSecOps workflows.

Vectra AI

Vectra AI

Vectra threat detection & response - see and stop threats across hybrid and multi-cloud enterprises.

Intel 471

Intel 471

Intel 471 provides adversary and malware intelligence for leading intelligence, security and fraud teams.

Quzara

Quzara

Quzara provides trusted advisory services and highly adaptive cybersecurity services to federal, commercial and Defense Industrial Base customers to meet their security compliance and cyber needs.

MS Tech Solutions

MS Tech Solutions

MS Tech Solutions is a Jamaican-based, multinational consulting company that specializes in the architecture, implementation and management of key network and Information technologies.

Allot

Allot

Allot are a global provider of leading innovative network intelligence and security solutions for Service Providers and Enterprises worldwide.

NSW IT Support

NSW IT Support

NSW IT Support: Your exclusive hub for comprehensive Business IT services in Sydney. Our skilled team ensures seamless technology solutions nationwide, consistently delivering top-tier IT support.

Prompt Security

Prompt Security

Prompt Security provides an LLM agnostic approach to ensure security, data privacy and safety across all aspects of Generative AI.