COLORADO SPRINGS, CO, September 3, 2024 — Space Information Sharing and Analysis Center (Space ISAC) is announcing an update in its threat level assessment via a TLP: CLEAR public release. The purpose of this announcement is to raise awareness of the space industry, government, and international partner perspective on the current threat level.
Threat Level Assessment:
Considering recent developments and ongoing cyber and physical threats to space systems, Space ISAC reaffirms its recommendation to maintain the Threat Level at Level 3: High. This decision is informed by input from Space ISAC’s diverse members and partners—including those from commercial, international, defense, intelligence community, and collective intelligence sectors—and analysts have identified several factors contributing to the heightened threat environment within space and related sectors, including:
- Consistent Targeting: Cyber threat actors continue to target owners, operators, manufacturers, and distributors of space system technology.
- Use of Legitimate Services: Threat actors routinely leverage vulnerabilities in commonly used software, in addition to the use of legitimate services such as cloud and VPN devices.
- Rising Global Interference and Navigation Disruption: RF interference activities increase in tandem with geopolitical conflicts, impacting flight safety and GNSS in multiple regions.
- Space Debris & Space Weather Events Proliferate Threat Landscape: Space environmental events create additional risks to space operators to include the generation of space debris from on-orbit breakup events, and space weather impacts generated by solar storms.
- Evolution of Threat Actor Tactics, Techniques, and Procedures (TTPs): Analysis of malicious cyber campaigns indicate an increased sophistication in threat actor TTPs and malware toolkits, as groups prioritize defense evasion and persistence.
These factors collectively contribute to a heightened threat environment, aligning with the specified criteria for Level 3: High.
Analysts also note the sophistication of observed threat activity, as threat actors continue to prioritize the use of legitimate services and living off the land techniques for obfuscation in addition to the targeting of edge devices to include VPN and cloud services. Space ISAC will continue to monitor the operational environment and adjust the threat level accordingly.
Recommendations for Members:
- Evaluate account and credential access.
- Implement routine scans for malicious network traffic.
- Ensure regular reviews and patch management of all critical systems.
- Lower reporting thresholds to Space ISAC and appropriate entities.
- Communicate threat messaging to internal staff.
Space ISAC Members are encouraged to use the member portal to receive timely, actionable threat alerts from the Space ISAC Watch Center.
Space ISAC encourages members to stay informed and proactive in mitigating potential threats to ensure the resilience of space systems and infrastructure.
###
BACKGROUND
Space Information Sharing and Analysis Center (ISAC) is a 501(c)(6) organization that serves as the all-threats security information source for the public and private space sector. Founded in 2019, Space ISAC became an official member of the National Council of ISACs in 2020. The Space ISAC Watch Center achieved initial operational capability in March 2023.
Space ISAC is located at the Kevin W O’Neil Cybersecurity Research and Education Building at the University of Colorado Colorado Springs. The Space ISAC serves to facilitate collaboration across the global space industry to enhance our ability to prepare for and respond to vulnerabilities, incidents, and threats; to disseminate timely and actionable information among member entities; and to serve as the primary communications channel for the sector with respect to this information. After opening the Watch Center in 2023, member services include support for response, mitigation, and resilience initiatives, while breaking down communication silos of public-private information sharing.
Space ISAC founding members include: Kratos Defense & Security Solutions, Inc. (NASDAQ: KTOS), Booz Allen Hamilton (NYSE: BAH), MITRE, SES, Lockheed Martin (NYSE: LMT), Northrop Grumman (NYSE: NOC), Purdue University, the Space Dynamics Laboratory, the Johns Hopkins University Applied Physics Laboratory, The Aerospace Corporation, the University of Colorado Colorado Springs, Microsoft, L3Harris, Deloitte and Capella Space.
Space ISAC establishes partnerships with government agencies for facilitating collaboration to protect the security of the global space industry. Space ISAC government partners include: Department of Homeland Security Cybersecurity Infrastructure Security Agency, U.S. Air Force, U.S. Space Command, US Space Force, Department of State, Federal Bureau-Investigation, Japan Aerospace Exploration Agency (JAXA), Japan Ministry of the Economy, Trade and Industry (METI), Centre National D’Etudes Spatiales (CNES), United Kingdom Space Agency (UKSA), Israel Space Agency, the Greek Ministry of Digital Governance, the Department of Commerce, the National Cyber Director, the National Aeronautics and Space Administration (NASA), IC Commercial Space Council, and National Space Council.