Report: Cyber Group Targeted Aerospace and Telco Sectors

The Vehicle Assembly Building at Kennedy Space Center. Photo: NASA
The Vehicle Assembly Building at Kennedy Space Center. Photo: NASA

An Iranian hacking group has targeted a global array of aerospace and telecom companies since at least 2018, according to research published by Cybereason last week. 

  • The Boston cybersecurity firm refers to the previously unidentified cyber group as “MalKamak.” MalKamak’s espionage campaign was dubbed “Operation Ghostshell.”
  • Cybereason, which discovered the group earlier this year, didn’t name the companies affected. But Ghostshell compromised at least 10 firms and affected “dozens of others,” Bloomberg reported.

Op. Ghostshell objectives: Using a new type of spyware, Malkamak sought to access and siphon away IP, sensitive data, and technology from its targets. While the campaign was concentrated on Middle Eastern victims, Malkamak also went after companies in the US, EU, and Russia. 

Cyberspace + counter-space: Satellites, ground infrastructure, comms equipment, corporate servers, you name it…if it’s a space-related asset, it could eventually have a target on its back. From sophisticated hackers’ POV, the space industry represents an attractive target for more reasons than we can count. To name five: 

  1. For many satellites, and especially spacecraft on decades-old missions, hardware is frozen in time and reliant on dated security protocols. 
  2. Companies may not rely on the same hardening measures as intelligence agencies or militaries. 
  3. Critical infrastructure depends on space assets. Compromised satellites could become a central, cascading point of failure for everyday navigation and communication functions. 
  4. Space companies have complex supply chains and vendor ecosystems, which expands their threat surface. 
  5. Finally, of course, there are many geopolitical and national security elements at play. While unconfirmed, it’s highly likely that Ghostshell’s victims had sensitive dealings with their countries’ government agencies and national security communities. 

Fortunately, the worst-case “lights out” scenarios alluded to above have not come to pass. Still, vulnerabilities remain. Better safe than sorry.

Payload’s takeaway: The hardening of space assets—from software to ground stations—seems destined to grow with the commercialization of the final frontier. We’re especially interested to watch collaboration efforts between industry and government, but also where security practices might still be siloed and antiquated. 

Related Stories

Report Considers Commercial Reinforcements For DoD

What would it look like for the Defense Department to be able to lean on the commercial space community in times of need? That’s the question examined by a new report from the RAND Corporation released last week.


Korea Tensions Move to Space

North and South Korea are using space as a vantage point to keep an eye on one another. On Nov. 21, North Korea successfully launched a military spy satellite to orbit on its third try, sparking international concern and escalating tension in the region. Now officials say that the satellite is up and running, collecting […]


North Korea Says It Successfully Launched Spy Sat

North Korea claimed on Wednesday that it successfully placed its first spy satellite in orbit, drawing a rebuke from the White House. 


Ursa Major Unveils SRM Business With Lynx

Space propulsion startup Ursa Major is getting into the solid rocket motor game.