Hi guys,

Star Wars has officially started!!

Thales, a multinational defence and aerospace company, has successfully conducted a test run in which it seized control of a satellite managed by the European Space Agency (ESA). The experiment involved hacking into the satellite’s command and control system and transmitting commands, demonstrating how space systems can be vulnerable to cyberattacks. Although the tests were conducted in a controlled environment, it highlights the risks of a malicious actor taking control of a satellite in the real world, which could have potentially devastating consequences. The incident underscores the importance of ensuring the security of space-based infrastructure, as cyber threats continue to pose a significant challenge to space exploration and security.

You can read the full statement by going HERE, and in case you do not have time, here are the main points:

“The European Space Agency (ESA) challenged cybersecurity experts in the space industry ecosystem to disrupt the operation of the agency’s OPS-SAT demonstration nanosatellite. Participants used a variety of ethical hacking techniques to take control of the system used to manage the payload’s global positioning system, attitude control system1 and onboard camera. Unauthorised access to these systems can cause serious damage to the satellite or lead to a loss of control over its mission. Thales’s offensive cybersecurity team worked with the Group’s Information Technology Security Evaluation Facility (ITSEF2) for this unique exercise, which demonstrates the need for a high level of cyber resilience in the very specific operating environment of space.

The Thales team of four cybersecurity researchers accessed the satellite’s onboard system, used standard access rights to gain control of its application environment and then exploited several vulnerabilities to introduce malicious code into the satellite’s systems. This made it possible to compromise the data sent back to Earth, in particular by modifying the images captured by the satellite’s camera, and to achieve other objectives, such as masking selected geographic areas in the satellite imagery while concealing their activities to avoid detection by ESA. The demonstration was organised specifically for CYSAT to help assess the potential impact of a real cyberattack and the consequences for civilian systems.”

It is really good to see how these critical systems are being tested and secured, but it does make you wonder why these vulnerabilities were even present in the first place. From what I can see, the Thales team could hack the system effortlessly.

Anyway, I’m updating you on what is happening in Star Wars!

Wishing you an incredible moment were ever you are.