Report: Cyber Group Targeted Aerospace and Telco Sectors

The Vehicle Assembly Building at Kennedy Space Center. Photo: NASA
The Vehicle Assembly Building at Kennedy Space Center. Photo: NASA

An Iranian hacking group has targeted a global array of aerospace and telecom companies since at least 2018, according to research published by Cybereason last week. 

  • The Boston cybersecurity firm refers to the previously unidentified cyber group as “MalKamak.” MalKamak’s espionage campaign was dubbed “Operation Ghostshell.”
  • Cybereason, which discovered the group earlier this year, didn’t name the companies affected. But Ghostshell compromised at least 10 firms and affected “dozens of others,” Bloomberg reported.

Op. Ghostshell objectives: Using a new type of spyware, Malkamak sought to access and siphon away IP, sensitive data, and technology from its targets. While the campaign was concentrated on Middle Eastern victims, Malkamak also went after companies in the US, EU, and Russia. 

Cyberspace + counter-space: Satellites, ground infrastructure, comms equipment, corporate servers, you name it…if it’s a space-related asset, it could eventually have a target on its back. From sophisticated hackers’ POV, the space industry represents an attractive target for more reasons than we can count. To name five: 

  1. For many satellites, and especially spacecraft on decades-old missions, hardware is frozen in time and reliant on dated security protocols. 
  2. Companies may not rely on the same hardening measures as intelligence agencies or militaries. 
  3. Critical infrastructure depends on space assets. Compromised satellites could become a central, cascading point of failure for everyday navigation and communication functions. 
  4. Space companies have complex supply chains and vendor ecosystems, which expands their threat surface. 
  5. Finally, of course, there are many geopolitical and national security elements at play. While unconfirmed, it’s highly likely that Ghostshell’s victims had sensitive dealings with their countries’ government agencies and national security communities. 

Fortunately, the worst-case “lights out” scenarios alluded to above have not come to pass. Still, vulnerabilities remain. Better safe than sorry.

Payload’s takeaway: The hardening of space assets—from software to ground stations—seems destined to grow with the commercialization of the final frontier. We’re especially interested to watch collaboration efforts between industry and government, but also where security practices might still be siloed and antiquated. 

Related Stories

A Controversial Pilot Program is Expanding the Military’s Use of Commercial Space

A Defense Department pilot program hired private satellite operators last month to provide intelligence directly to battlefield commanders.


NDAA 2025: Guard Transfers, CASR, and Commercial Ops

The House’s draft of the fiscal 2025 National Defense Authorization Act would move forward with a hotly-contested plan to transfer space-focused Air National Guard members to the Space Force. 


Pentagon Frets About ULA’s Vulcan Delays

“Currently there is military satellite capability sitting on the ground due to Vulcan delays.”


The Space Force Needs to Grow Up, Says CNAS

America’s newest military branch still has some maturing to do to earn the respect and support of the public and the nation’s adversaries, according to analysts.