CISA has published a table this week that summarizes Chinese activities against cybersecurity. Some attacks have succeeded and enabled hackers to gain a foothold on networks. These attacks are not new. Chinese state hackers targeted last year VPN servers less than a month after the vulnerabilities were discovered. In addition, Chinese hackers aren’t the only ones targeting these particular network devices. Trump wants to improve the cybersecurity of space systems such as satellites as well as the associated ground stations. During the presentation of the paper, White House officials referred to the growing variety of threats to relevant software from foreign opponents.
Once Chinese hackers break into targeted networks, they often use commercial and open source tools to move networks and read data. This also includes the use of penetration test tools. When attacks target publicly accessible web systems such as e-mail servers, the CISA claims that it has often discovered hackers from the Chinese state who use the web shell.
CISA recommends that security teams in corporations understand the common tactics and procedures of Chinese state actors, patch devices and implement detection rules.
In general, the US government encourages owners and operators of space systems to develop and implement cybersecurity plans for their facilities. These would have to ensure that control of spacecraft is retained or in the event of a successful attack, can at least be regained quickly. The integrity and availability of functions, including services provided and data exchanged, should be verifiable.
Protection Against Unauthorized Access
Specifically, the White House is pushing for protection against unauthorized access to critical spacecraft functions. Ground stations and the IT systems are to be shielded by tried and tested practices, in order to reduce the risk of infection with malware and unauthorized access by perpetrators.