Military

Report: Cyber Group Targeted Aerospace and Telco Sectors

By Ryan Duffy
Share
The Vehicle Assembly Building at Kennedy Space Center. Photo: NASA
The Vehicle Assembly Building at Kennedy Space Center. Photo: NASA

An Iranian hacking group has targeted a global array of aerospace and telecom companies since at least 2018, according to research published by Cybereason last week. 

  • The Boston cybersecurity firm refers to the previously unidentified cyber group as “MalKamak.” MalKamak’s espionage campaign was dubbed “Operation Ghostshell.”
  • Cybereason, which discovered the group earlier this year, didn’t name the companies affected. But Ghostshell compromised at least 10 firms and affected “dozens of others,” Bloomberg reported.

Op. Ghostshell objectives: Using a new type of spyware, Malkamak sought to access and siphon away IP, sensitive data, and technology from its targets. While the campaign was concentrated on Middle Eastern victims, Malkamak also went after companies in the US, EU, and Russia. 

Cyberspace + counter-space: Satellites, ground infrastructure, comms equipment, corporate servers, you name it…if it’s a space-related asset, it could eventually have a target on its back. From sophisticated hackers’ POV, the space industry represents an attractive target for more reasons than we can count. To name five: 

  1. For many satellites, and especially spacecraft on decades-old missions, hardware is frozen in time and reliant on dated security protocols. 
  2. Companies may not rely on the same hardening measures as intelligence agencies or militaries. 
  3. Critical infrastructure depends on space assets. Compromised satellites could become a central, cascading point of failure for everyday navigation and communication functions. 
  4. Space companies have complex supply chains and vendor ecosystems, which expands their threat surface. 
  5. Finally, of course, there are many geopolitical and national security elements at play. While unconfirmed, it’s highly likely that Ghostshell’s victims had sensitive dealings with their countries’ government agencies and national security communities. 

Fortunately, the worst-case “lights out” scenarios alluded to above have not come to pass. Still, vulnerabilities remain. Better safe than sorry.

Payload’s takeaway: The hardening of space assets—from software to ground stations—seems destined to grow with the commercialization of the final frontier. We’re especially interested to watch collaboration efforts between industry and government, but also where security practices might still be siloed and antiquated. 

Share

Upcoming Events

Return Home
Related Stories
BusinessMilitaryTechnology

Anduril wins $99.7M Contract to Modernize SPACECOM 

Lattice uses machine learning and AI models to help operators track objects in space, giving SPACECOM a more resilient space surveillance tool.

InternationalMilitary

First Dutch Military EO Sat to Launch in 2027

The spacecraft will host a laser communications terminal and a set of optical sensors to provide Dutch defense forces with a sovereign space-borne intelligence-gathering capability.

BusinessMilitary

Voyager Is Trying to Right-Size National Security Space

There are three major areas where Voyager is investing in national security space: Solid rockets, intelligence, and satellite payloads.

Military

Five Companies Join DoD Info Sharing Network

In addition to the five companies, the cell is in the process of adding two additional companies, which is expected to bring the total membership to 17 by early 2025.