The Indian Computer Emergency Response Team (CERT-In) has issued a stark warning about the increasing cyber threats to satellite communications, cautioning that "each new satellite added to this intricate network is both an engineering marvel and a potential target for cyber threats".
"With satellites now deeply integrated into essential daily operations- from navigation to transaction synchronization - any disruption can lead to widespread repercussions," the agency said in an advisory released on February 4, 2025.
This comes at a time when India's space tech ecosystem has been buoyed by a host of regulatory push, in the form of the Indian Space Policy 2023 and so on, and which, in the subsequent years has played a major role in many startups launching their own satellites.
Also read: Bengaluru-based Pixxel and Digantara launch satellites aboard SpaceX's Transporter-12
The advisory highlights a range of vulnerabilities, from hackers gaining control of satellites to signal jamming, data breaches, and AI-driven cyberattacks.
One of the most alarming risks is command and control interference, where attackers could "potentially take control of the satellites, redirecting or disabling them", CERT-In said.
The agency also flagged concerns over onboard software vulnerabilities, which could allow attackers to inject malicious code or gain unauthorised access, as well as supply chain attacks, where compromised vendors could expose satellite systems to breaches.
"Malicious actors can jam satellite signals, disrupting communication services. They can also spoof signals, sending false information to mislead or deceive users and systems relying on satellite data. This can lead to significant disruptions in communication and navigation systems," the advisory said.
The advisory also warns about the role of AI in automating attacks, stating that artificial intelligence "can be used to automate attacks, analyse large datasets for vulnerabilities, and create very convincing phishing content".
To counter these risks, CERT-In recommended a series of cybersecurity measures, including multifactor authentication (MFA), encryption of data both in transit and at rest, and regular software updates to patch vulnerabilities.
It also advised implementing Quantum Key Distribution (QKD) for enhanced encryption security, along with network segmentation to isolate critical satellite systems from other networks.
The agency further stresses the need for regular security audits, supply chain risk management, and employee training to reduce the risk of human error in cybersecurity breaches.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
