India Needs Better Cybersecurity for Space, Critical Infrastructure

As attacks on satellites rise with nation-state conflicts, the South Asian nation joins other space-capable countries in doubling down on cybersecurity.

A year ago, India landed a spacecraft — the Chandrayaan-3 — on the moon, becoming only the fourth nation to accomplish such a feat.
Yet, while the country continues to invest in its space capability and ground-based support infrastructure, a greater focus on cybersecurity is necessary to protect the software and hardware on which the systems rely, Dr. Sreedhara Panicker Somanath, chairman of the Indian Space Research Organization, said in a speech last week at the groundbreaking for a cybersecurity training center.
With nearly five dozen satellites in orbit, large nationwide networks for collaboration, and command-and-control networks that connect across the globe for 24-hour access to space-based assets, India needs to focus on
cybersecurity for the entire system
, he said.
When the Chandrayaan-3 was landing, our data was coming from Australia and Spain and South Africa and many other places, and we have been coordinating to work with all of this during the landing process,
he said
. You should all realize that such command and control of satellites from across the globe could be very, very vulnerable, and ... many of our satellites can become ... easily targets of such attacks.
India is one of perhaps a dozen nations with space ambitions. The competition between nations has bred threats to ground- and space-based infrastructure, and attacks on space systems have increased as nation-state conflicts have heated up. In 2022, Russian attacks on Ukraines connection to the
Viasat KA-SAT network
caused communications outages as the Russian army invaded the country. Soon after, Russia cyber-operators attempted to hack and jam the Starlink network,
SpaceX CEO Elon Musk stated at the time
, while hackers claimed responsibility for delivering malware to a host of satellite terminals,
taking communications offline in 2023
.
The attacks demonstrated to the world that
the cyberthreat to satellites is real
, although attackers to date have mostly focused on disrupting communications. However, an emerging space effort, such as Indias, could attract regional attackers, says Patrick Lin, director of the Ethics + Emerging Sciences Group at California Polytechnic State University in San Luis Obispo, which
received a grant in 2022
from the National Science Foundation to study cybersecurity for space systems.
India doesnt have as many adversaries as the United States does — its main competitor and sometimes adversary is China, but it also has tense relations with Pakistan, he says. China has advanced cyber capabilities as well as a strong space program, and it doesnt like regional competition much, so its not a stretch to think that China and others might target Indias rise as a major space power.
Indias current effort aims to develop the cybersecurity tools and expertise to protect its space-focused systems and software, much of which are created in-house or by domestic firms. India already sees more than 3,300 attacks per week per organization, which is 81% higher than the global average of 1,830 attacks, according to data from Check Point Software.
Rapid digitization makes India a growing target, says Omer Dembinsky, data research group manager at Check Point Software.
Indian organizations face double the global average of cyberattacks due to rapid digitalization, which has outpaced the implementation of robust cybersecurity measures, creating a large attack surface, he says. A fast-growing Internet user base, underdeveloped cybersecurity infrastructure not able to keep up with the growing sophistication of cyberattacks, and lack of cybersecurity awareness within organizations also make them attractive targets.
The aerospace and defense sector is ranked as the fifth most-attacked industry, and Indias space agency reportedly
faces more than 100 attacks daily
.
Other space-based nations are rapidly researching the potential of cyberattacks targeting space assets and how to defend against those attacks. The US National Institute of Standards and Technology (NIST) has teamed up with MITRE Corp. to create
a version of its NIST Cybersecurity Framework for the space sector
, while The Aerospace Corp. has created the Space Attack Research and Tactics Analysis, or SPARTA, matrix. The Aerospace Corp. also worked with the US military to
create a satellite that can act as a testbed
for real-world cyberattacks on space assets, called Moonlighter.
Space is not the only industry that needs cybersecurity professionals, so government initiatives such as Atmanirbhar Bharat — or Self-Reliant India — hope to create more startups and a larger ecosystem of homegrown software. Indian organizations have more than 40,000 openings for skilled cybersecurity workers, according to
tech staffing firm TeamLease
. The country had only about 100,000 cybersecurity professionals in 2021, which tripled to 300,000 in two years.
The need for increased cybersecurity expertise is acute, says Check Point Softwares Dembinsky. The country needs to support more training for cybersecurity professionals and emphasize a focus on cyber-awareness training programs.
The demand for proficient cybersecurity professionals surpasses the qualified talent pool, creating a significant industry void, Dembinsky says. Currently, a lot of focus on
skilled cybersecurity professionals burnout
is being reported on, due to the consistent nature of managing these evolving threats.
In addition, the focus on research and development in space technology means that most projects are novel and lack rigorous security testing. The reality of these obscure technologies is that they both benefit — and suffer — from their uniqueness, says CalPolys Lin.
Many space projects today are ... one-of-a-kind prototypes in this new era of experimentation with space technologies, he says. This provides a security by novelty layer of protection, but the flip side of that is, if your technology is under-studied by threat actors, that means you dont know where your systems vulnerabilities are, either.
The lesson for India should be that critical infrastructure — whether it supports scientific research, corporate intellectual property, or financial transactions — is not safe, says ISROs Somanath.
Nothing is safe in the world — I think anybody can hack or create havoc in our system, he said. The data that we have collected, especially the design data, or the personal data or the scientific data that we are created over the years, could all be very vulnerable.
Dont miss the latest
Dark Reading Confidential podcast
, where we talk to two cybersecurity professionals who were arrested in Dallas County, Iowa and forced to spend the night in jail -- just for doing their pen-testing jobs.
Listen now!

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
India Needs Better Cybersecurity for Space, Critical Infrastructure