The US Federal Bureau of Investigation (FBI), the National Counterintelligence and Security Center (NCSC), and the Air Force Office of Special Investigations (AFOSI) have jointly issued a bulletin highlighting the cyberespionage threats targeting the space industry. This bulletin comes amid growing concerns over the vulnerability of the US space sector to foreign intelligence entities (FIEs) seeking to acquire vital technologies and expertise.
The bulletin emphasizes the significance of the commercial space industry to the US economy and national security, particularly the increasing reliance of critical infrastructure on space-based assets. FIEs view US space-related innovation and assets as potential threats, as well as valuable opportunities to gain access to vital technologies. To accomplish their objectives, these entities employ various tactics such as cyberattacks, strategic investments, targeting key supply chain nodes, and other techniques to infiltrate the US space industry.
While the warning primarily focuses on the threat posed to intellectual property, it also highlights the direct threats to space systems themselves. The New York Times points out that China and Russia are the primary adversaries in this field, and the US Intelligence Community believes that any future war is likely to start with a cyberattack against satellite systems, taking cues from Russia’s invasion of Ukraine.
To help organizations identify potential cyber threats, the bulletin provides a list of indicators and warnings of hostile cyber activity. It urges companies in the space industry to remain vigilant for signs of unusually high cyberactivity that targets their organization from unknown sources. It also advises organizations to be cautious when receiving requests to visit their facilities from unknown or foreign entities and to stay alert for specific and probing questions regarding sensitive and proprietary information. Additionally, the bulletin alerts companies to potential elicitation attempts at conferences or online fora and warns against unsolicited offers to establish joint ventures with companies tied to foreign governments or state-owned enterprises.
The bulletin further highlights the importance of protecting technical experts within the space industry. It urges organizations to be wary of attempts by foreign entities to recruit their technical experts through invitations to travel abroad, offers of employment or consultancy work, and the provision of financial incentives in exchange for proprietary information. The bulletin also warns about acquisition or investment efforts by foreign companies through wholly-owned subsidiaries registered in third countries, which are designed to obscure the parent company’s connections.
Overall, this bulletin serves as a reminder of the significant cyberespionage threats facing the US space industry. In an era where space-based assets play a vital role in various sectors, including communication, navigation, and military operations, it is crucial for organizations and institutions involved in the space sector to remain vigilant and adopt robust cybersecurity measures. By staying informed about the latest threats and indicators of hostile cyber activity, the US space industry can work towards safeguarding its intellectual property, technologies, and expertise from foreign intelligence entities seeking to exploit vulnerabilities.