FBI, Air Force warn of cyberattacks on space industry by ‘foreign intelligence operations’

U.S. intelligence agencies are warning of increasing cyberattacks targeting U.S.-based space companies by unnamed foreign intelligence services.

The FBI, the National Counterintelligence and Security Center (NCSC) and the Air Force Office of Special Investigations (AFOSI) published a two-page advisory on Friday that warned of cyberattacks on the space industry due to its increasing importance to the global economy.

“Foreign intelligence entities (FIEs) recognize the importance of the commercial space industry to the US economy and national security, including the growing dependence of critical infrastructure on space-based assets,” the agencies said.

“They see US space-related innovation and assets as potential threats as well as valuable opportunities to acquire vital technologies and expertise. FIEs use cyberattacks, strategic investment (including joint ventures and acquisitions), the targeting of key supply chain nodes, and other techniques to gain access to the US space industry.”

In April, the influential Cyberspace Solarium Commission told The White House it should formally name space as a critical infrastructure sector and take steps to protect satellites and other space systems against cyberattacks.

The Commission claimed the “threat from Russia and China is growing,” and that both countries “have placed American and partner space systems in their crosshairs, as demonstrated by their testing of anti-satellite (ASAT) capabilities.”

Concerns about the industry have grown since Russia’s attack on the satellite company Viasat at the beginning of Moscow’s invasion of Ukraine in an effort to disrupt communications.

According to the advisory, attempted cyberattacks on the U.S. space industry have centered on stealing proprietary data, with a few cases related to the abuse of intellectual property.

Hackers connected to other governments have also shown interest in collecting data from satellites, disrupting U.S. satellite communications and “degrading the United States’ ability to provide critical services during emergencies.”

The agencies said other countries are hard at work identifying vulnerabilities and “targeting US commercial space infrastructure during conflict.”

The agencies warned that all employees, contractors and suppliers are at risk of attack and should be wary of inquiries seeking sensitive information.

Friday’s advisory claims the global space economy will grow to more than $1 trillion within seven years — with the U.S. and China leading the world in investment in the sector.

They warned that infrastructure in space is “fundamental to every aspect of our society, including emergency services, energy, financial services, telecommunications, transportation, and food and agriculture.”

“All rely on space services to operate,” they explained, adding that foreign government “efforts to target and exploit the U.S. space industry can harm… commercial firms and broader U.S. national and economic security in several ways.”

No countries were named in the advisory and none of the agencies involved responded to requests for comment about what prompted the publication of the document.

The advisory goes so far as to say those working on space technology should be wary of conferences, joint ventures, trip invitations to foreign countries and investment efforts. They urged anyone who believes they may have been targeted to contact the FBI.

They even suggest companies should begin tracking “peculiar incidents” or create insider threat programs, alongside a range of other protective cybersecurity measures.

For years, vulnerabilities in space infrastructure have been a point of interest for cybersecurity researchers. In April, hackers proved they could seize control of a European Space Agency (ESA) satellite, and at the recent DefCon conference in Las Vegas an entire “space village” was created where researchers discussed satellite vulnerabilities and shared tips or concerns about the sector.

There have been several recent claims of cyberattacks and ransomware incidents targeting the space industry, including a March ransomware attack on SpaceX-supplier Maximum Industries that was never publicly acknowledged.

Hackers have also gone after multiple space observatories in the U.S. and in Chile in recent months, targeting researchers using powerful telescopes.

In 2019, the Justice Department sentenced a Chinese national to more than three years in prison for exporting military- and space-grade technology to the Chinese government.