Critical Infrastructure Security, Governance, Risk and Compliance

Feds warn US space sector: hackers and spies want your secrets

Falcon 9 rocket

Intelligence agencies are warning U.S. space companies that they face a growing threat from foreign actors attempting to steal their secrets.

In a two-page advisory published Friday, the FBI, the National Counterintelligence and Security Center (NCSC) and the Air Force Office of Special Investigations (AFOSI) cautioned that unnamed foreign intelligence entities were using a range of measures, including hacking campaigns, to infiltrate and subvert the industry.

These entities “use cyberattacks, strategic investment (including joint ventures and acquisitions), the targeting of key supply chain nodes, and other techniques to gain access to the US space industry,” the advisory states.

The global space economy is projected to expand from $469 billion in 2021 to more than $1 trillion by 2030, with the U.S. being the main driver of growth this decade. Hostile countries recognize the importance of the U.S. space sector as a contributor to both the national economy and the country’s security, as well as a source of potential innovation to tap for their own space programs.  

“They see US space-related innovation and assets as potential threats as well as valuable opportunities to acquire vital technologies and expertise.”

Companies, their employees, contractors and suppliers need to be alert to signs of targeting. These could include unusually high levels of malicious cyber activity, requests from unknown entities to visit company facilities, probing questions about sensitive company information, and suspicious attempts to hire staff or enter into business arrangements.

In one of the most recent attacks against the space sector, operations at Hawai'i's Gemini North observatory were disrupted on Aug. 1 following an attempted cyberattack targeted at the systems of the National Science Foundation’s National Optical-Infrared Astronomy Research Laboratory (NOIRLab).

“Quick reactions by the NOIRLab cyber security team and observing teams prevented damage to the observatory,” the organization said at the time.

In April, the Cyberspace Solarium Commission (CSC) issued a report arguing that space systems should be designated as the 17th critical infrastructure sector in a bid to pressure the adoption of stronger cybersecurity defenses among satellite operators.

“Against the backdrop of rising threats, the U.S. government’s current approach to safeguarding space and working with private industry to secure critical systems is insufficient. While pieces of the industry fall under communications infrastructure or the defense industrial base, too much is left uncovered,” the CSC said in its 24-page report.

“Recent government efforts to rectify the problem are promising but remain in their infancy. While not without its challenges, designating space systems as a critical infrastructure sector would begin to rectify these problems.”

In a summary of nation-state-backed threats and attacks against U.S. space organizations and infrastructure, the CSC report referenced the February 2022 hacking of U.S.-based satellite internet provider Viasat. The attack, aimed at disrupting Ukraine’s military communications, was widely attributed to Russia and occurred an hour before Moscow invaded Ukraine.

“China, for its part,” the CSC report noted, “has for years been honing the ability to strike enemy satellites using cyber operations, electronic warfare, and other means as part of the country’s larger warfighting strategy and doctrine, designed to deny adversaries access to space-based systems.”

Last week’s advisory from the FBI, NCSC and AFOSI outlined several steps U.S. space organizations could take to mitigate threats from foreign intelligence services. These included fostering an “enterprise-wide security posture,” keeping an anomaly log of peculiar or potentially malicious incidents, establishing an insider threat program, and carrying out “robust due diligence” on their supply chain suppliers.

Simon Hendery

Simon Hendery is a freelance IT consultant specializing in security, compliance, and enterprise workflows. With a background in technology journalism and marketing, he is a passionate storyteller who loves researching and sharing the latest industry developments.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.