COLORADO SPRINGS, CO, July 2, 2025 — Space Information Sharing and Analysis Center (Space ISAC) is announcing an update in its threat level assessment via a TLP: CLEAR public release. The purpose of this announcement is to raise awareness of the space industry, government, and international partner perspectives on the current threat level.

Threat Level Assessment:

The space threat landscape remains active, characterized by disruptive cyber activity and electronic warfare (EW). These factors are accentuated by geopolitical conflicts in the middle east, and reporting from government agencies and commercial firms reaffirm this sentiment and warn that low-level attacks may soon rise to sophisticated attacks. Additionally, the heightened frequency and impact of GNSS interference, jamming, and spoofing, continues to pose concerns to satellite operators, reflecting a robust threat environment. This decision is informed by input from Space ISAC’s diverse members and partners—including those from commercial, international, defense, intelligence community, and collective intelligence sectors—and analysts have identified several factors contributing to the heightened threat environment within space and related sectors, including:

• Increased Targeting: Cyber threat actors have shown a recent increase in attacks targeting organizations operating within space and related sectors in line with geopolitical conflicts.
• Proliferation of Hacktivism and Geopolitically Motivated Attacks: global conflicts are influencing new & existing threat groups to target organizations with a proximity to national security, including government, defense, and space.
• Social Engineering TTPs Increase Efficacy of Initial Access: Threat groups are implementing as-a-service toolkits and other social engineering tactics to bypass firewalls, content filters, and human detection of threats.
• Geopolitical Events Drive GNSS Interference: Global Navigation Satellite Systems (GNSS) interference commonly coincides with geopolitical events, generating user segment impacts and ultimately impacting the availability of satellite services.
• Dynamic Space Environmental Factors: Space environmental events create additional risks to space operators to include the generation of space debris from on-orbit breakup events, and space weather impacts generated by solar storms.

These factors contribute to a heightened threat environment and are commensurate with the specified criteria for Level 3: High.

Additional factors contributing to this determination include the advanced techniques that threat actors are employing in both financially motivated and espionage-based attacks. The growing presence of initial access brokers blurs these lines and supports future attacks for more sophisticated threats. Space ISAC will continue to closely monitor these developments and adjust the threat level as warranted based on changes in the operational environment and reporting from partners and members.

Recommendations for Members:

• Evaluate account and credential access.
• Implement routine scans for malicious network traffic.
• Ensure regular reviews and patch management of all critical systems.
• Report incidents, vulnerabilities, and/or threats to the Space ISAC and appropriate entities.
• Communicate threat messaging to internal staff

Space ISAC encourages members to stay informed and proactive in mitigating potential threats to ensure the resilience of space systems and infrastructure.

BACKGROUND

Space Information Sharing and Analysis Center (ISAC) is a 501(c)(6) organization that serves as the all-threats security information source for the public and private space sector. Founded in 2019, Space ISAC became an official member of the National Council of ISACs in 2020. The Space ISAC Watch Center achieved initial operational capability in March 2023.

Space ISAC is located at the Kevin W O’Neil Cybersecurity Research and Education Building at the University of Colorado Colorado Springs. The Space ISAC serves to facilitate collaboration across the global space industry to enhance our ability to prepare for and respond to vulnerabilities, incidents, and threats; to disseminate timely and actionable information among member entities; and to serve as the primary communications channel for the sector with respect to this information. After opening the Watch Center in 2023, member services include support for response, mitigation, and resilience initiatives, while breaking down communication silos of public-private information sharing.

Space ISAC founding members include: Kratos Defense & Security Solutions, Inc. (NASDAQ: KTOS), Booz Allen Hamilton (NYSE: BAH),  MITRE, SES, Lockheed Martin (NYSE: LMT), Northrop Grumman (NYSE: NOC), Purdue University, the Space Dynamics Laboratory, the Johns Hopkins University Applied Physics Laboratory, The Aerospace Corporation, the University of Colorado Colorado Springs, Microsoft,  L3Harris, Deloitte, Capella Space and Amentum.

Space ISAC establishes partnerships with government agencies for facilitating collaboration to protect the security of the global space industry. Space ISAC government partners include: Department of Homeland Security Cybersecurity Infrastructure Security Agency, U.S. Air Force, U.S. Space Command, US Space Force, Department of State, Federal Bureau-Investigation, Japan Aerospace Exploration Agency (JAXA), Japan Ministry of the Economy, Trade and Industry (METI), Centre National D’Etudes Spatiales (CNES), United Kingdom Space Agency (UKSA), Israel Space Agency, the Greek Ministry of Digital Governance, the Department of Commerce, the National Cyber Director, the National Aeronautics and Space Administration (NASA), IC Commercial Space Council, National Space Council, and French Space Command.