As I noted in a recent blog post, securing outer space was a topic of great importance for those in academia, government, and critical infrastructure at RSA Conference 2024. We continue to see space exploration making headlines, validating RSAC speaker Patrick Lin’s hypothesis that outer space is the next frontier for cybersecurity.
According to C4ISR Net, space systems have historically flown under the radar of cyberthreats, “But as space continues to become integral for warfare, US military assets are increasingly at risk of incapacitation or destruction.” The proliferation of satellites in space is generating a debris problem which is also creating a constellation playground where potentially harmful space vehicles can hide. Space Information Sharing and Analysis Center (Space ISAC), which has a cross section of members representing commercial, defense, and intelligence communities, recommends maintain a high threat level for the space industry because of the threat of State-sponsored attacks.
Additionally, the US must ensure the resilience of space systems. Space News noted, “The escalating trends of commercial and defense collaboration in space, and the increasing usage of remote access, are opening up new risks and avenues for cyberattacks against space-based critical infrastructure.”
We continue to see cyber espionage operations with reports of Chinese hacking groups collaborating in such campaigns. To learn more about the threats of nation state actors, visit our Library.
Have insights or experience to share with the RSAC community? We accept RSAC 365 submission year-round. Share your insights on a seminar, webcast, podcast, or blog.
Now let’s take a look at what else made industry headlines this week.
Jun. 7: According to Security Week, SolarWinds is releasing a new version of its platform with patches for “multiple high-severity vulnerabilities.”
Jun. 7: A relatively new Ransomware-as-a-Service, known as Ransomhub, is on the rise.
Jun. 6: The attack against Snowflake may turn into one of the biggest data breaches.
Jun. 6: Threat actors are using legitimate and commercially available packer software to evade detection and distribute malware.
Jun. 5: The FBI warns of the LockBit ransomware group and urges potential victims to contact the Bureau’s Internet Crime Complaint Center.
Jun. 5: The Cybersecurity and Infrastructure Security Agency is hosting its first Informational and Communication Technology Supply Chain Risk Manage Task Force Conference.
Jun. 4: TikTok announced cybercriminals are targeting brands and celebrities on the app.
Jun. 4: “An API authorization-bypass flaw in the infrastructure of a leading US broadband provider exposed millions of business customer devices to attack,” Dark Reading reported.
Jun. 3: A UK school was forced to close following a cyberattack.
Jun. 3: Security researchers found a vulnerability in Azure Service Tags that could allow attackers to access customers data.