The new attack surface: from space to smartphone

From Spacenews

Key vulnerabilities to watch 

1. Signal jamming & spoofing: Jamming floods a satellite’s receivers with gobbledygook, cutting off legitimate users. Spoofing mimics real signals to hijack data or trick devices into unsafe connections. 
2. Telemetry, tracking & control (TT&C) exploits: TT&C systems manage the satellite’s vital functions. If breached, an attacker could redirect, disable or even take control of a satellite. 
3. Man-in-the-Middle (MitM) attacks: Intercepting data between the user and ground station. It’s complex but possible, especially if encryption or routing is weak. 
4. Physical threats: Cybersecurity doesn’t stop at software. Anti-satellite weapons, space debris, or directed energy attacks like space lasers could knock satellites offline or damage components. 
5. Ground station weaknesses: These Earth-based links often run on cloud platforms, leaving them exposed to phishing, unpatched systems or misconfigurations. 
6. Supply chain attacks: Satellites are built from parts sourced worldwide. A malicious chip or compromised firmware update could introduce vulnerabilities. 
7. Human factors: Insider threats remain a wildcard. A careless administrator, a disgruntled engineer or a poorly secured login could unravel the best technical defences.