Recent cyberattacks targeting the space sector have raised concerns within the international community, particularly after the Viasat hack that occurred just prior to the invasion of Ukraine. While the Viasat hack garnered significant media attention, a subsequent wave of cyberattacks targeted various entities within the space sector with less visibility.
A study conducted by a senior cyber defense researcher at the Center for Security Studies of ETH Zurich identified 124 cyberattacks against the space sector, with motives related to the conflict in Ukraine. The study shed light on the aftermath of these attacks, revealing that 57 different entities were targeted, including prominent organizations such as Starlink, NASA, Lockheed Martin, Boeing, and several space agencies across Europe. Notably, Ukrainian aerospace organizations were also impacted, despite the country not having sovereign satellites.
The study found a relatively balanced ratio of cyber operations targeting the space sector, with 52 percent of attacks attributed to pro-Russian groups and 48 percent to pro-Ukrainian groups. Following the Viasat hack, Ukrainian hackers retaliated by targeting the Russian space agency Roscosmos, viewing it as a contributor to the Russian war effort. The study also highlighted how certain events in the conflict influenced cyberattacks against specific targets within the space sector.
Despite the high-profile nature of these cyberattacks, most operations were characterized as unsophisticated, with Distributed Denial of Service (DDoS) attacks comprising a majority of the incidents. It is worth noting that no identified operation targeted satellites in orbit directly, focusing instead on disrupting IT environments, user interfaces, and software supply chains of space companies and agencies.
Interestingly, most of the cyberattacks against the space sector were attributed to hacktivist groups rather than state actors. While some hacktivist groups showed affiliations with either pro-Russian or pro-Ukrainian sentiments, the study highlighted the diverse nature of these groups and their varying levels of sophistication in cyber operations.
Moreover, the study illustrated the evolving cyber threat landscape faced by the space sector, emphasizing the potential implications of hacker groups taking sides in armed conflicts and launching cyberattacks against space systems. This trend is not limited to the war in Ukraine but has been observed in other conflicts worldwide, indicating a broader challenge that the space sector must address in terms of cybersecurity.
In conclusion, the study underscored the need for increased vigilance and cybersecurity measures within the space sector to mitigate the risks posed by cyber threats. As hacker groups continue to target space systems for various motives, the industry must adapt and bolster its defenses to safeguard critical infrastructure and satellite systems from potential attacks.