Hackers Target Satellites 

Hundreds of miles above Earth, thousands of satellites are orbiting the planet to keep the world running smoothly. Timing systems, GPS, and communications technologies are all powered by satellites. But for years, security researchers have warned that more needs to be done to secure the satellites against cyber attacks.

US intelligence agencies has now issued a warning about foreign spies targeting the American space industry as well as cyber attacks against the nation's satellite infrastructure.

The US Office of the Director of National Intelligence (DNI) , along with the FBI, the National Counterintelligence and Security Center (NCSC) and the Air Force Office of Special Investigations, has published a warning about increased attempts to attack both satellites in orbit and the intellectual property of companies developing space technologies. The NCSC lists a variety of ways that foreign intelligence agencies can gain access to the space industry in order to acquire access to expertise or new technologies. 

Some of the spying methods listed are seemingly innocuous, such as approaching space industry experts at conferences or contacting them through online forums to elicit information. Some of the methods listed are more explicit, such as carrying out cyber attacks or hacking into private networks to steal intellectual property. 

The DNI statement offers a set of guidelines to help private companies mitigate any potential damage these espionage attempts might cause.

The warning comes just about a month after three teams at the DEF CON 23 convention in Las Vegas managed to hack a US government satellite in orbit. Those attacks were conducted with the full permission of the government as part of the US Space Force’s Hack-A-Sat competition. Three of the teams that successfully breached the security of the orbiting satellite were awarded up to $50,000 in prize money for demonstrating how such an attack could be conducted.

This was the first time that hacker groups were able to prove that it was now possible to circumvent the cyber security protections of satellites in orbit.

The DNI warning states that “Foreign intelligence entities (FIEs) use cyber attacks, strategic investment (including joint ventures and acquisitions), the targeting of key supply chain nodes and other techniques to gain access to the US space industry.”

Securing satellites and other physical space systems faces many of the same challenges as securing other critical infrastructure systems: You typically need physical access to the equipment to make software upgrades. Satellites are designed to orbit the Earth for years and the tech stacks they rely on can easily become out-dated and affected by new security problems.

DNI:    DefenseOne:      Axios.    Wired:    Space.com     Techcrunch:        Image: David Mark

You Might Also Read:

Cyberwar: Lessons From Ukraine:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Virtual Event: How to make SIEM grow with your organization
Hackers Hit British Defence Ministry »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Titus

Titus

Titus is a global leader in enterprise-grade data protection solutions.

RPC

RPC

RPC is a business law firm. Practice areas include technology and cyber risk.

CyberDefcon

CyberDefcon

CyberDefcon is an independent organization dedicated to the pursuit of making the internet a safer place.

Entersekt

Entersekt

Entersekt is an innovator in push-based authentication and app security.

Pentesec

Pentesec

Pentesec is a security specialist offering professional services, managed security services and expertise within an extensive range of security technologies.

Kordia

Kordia

Kordia is a leading provider of mission-critical technology solutions throughout Australasia. We have the most comprehensive cyber security offering in New Zealand.

E2E Technologies

E2E Technologies

E2E Technologies are a proactive, SLA-beating, managed service provider that busts the common stereotypes surrounding IT.

RNTrust

RNTrust

RNTrust provide solutions to meet today’s digital challenges utilizing digital technologies and services to make you more secured in digitally connected environment.

Suridata

Suridata

Suridata’s SaaS Security platform enables organizations to secure the use of SaaS applications.

Arcanna.ai

Arcanna.ai

Using a wide range of out-of-the box integrations, Arcanna.ai continuously learns from existing enterprise cybersecurity experts and scales your team’s capacity to deal with threats.

Riskonnect

Riskonnect

Riskonnect technology empowers organizations with the ability to anticipate, manage, and respond in real-time to strategic, operational, and digital risks across the extended enterprise.

Willyama Services

Willyama Services

Willyama Services is a certified Information Technology and Cybersecurity professional services business providing services to government and private sector clients.

AI Security Institute (AISI)

AI Security Institute (AISI)

The AI Security Institute’s mission is to minimise surprise to the UK and humanity from rapid and unexpected advances in AI.

Operational Systems (OpSys)

Operational Systems (OpSys)

OpSys is a leading Managed IT and Cyber Security provider protecting the critical elements of businesses across the globe.

Bluecyber Insurance

Bluecyber Insurance

At Bluecyber, we are revolutionizing the cyber insurance market, democratizing access to digital protection for small and medium-sized businesses.

RANE Network

RANE Network

RANE is a global risk intelligence company that provides critical insights and analysis to more efficiently anticipate, monitor, and respond to emerging threats.