Why it matters: At this year's summer edition of the DEFCON conference, which is scheduled for mid-August in Las Vegas, security professionals and white hat hackers will have the chance to try the security defenses of an actual satellite in space. As space capabilities are increasingly pivotal for digital applications, the importance of cybersecurity in this field continues to grow..
The DEFCON hacker convention is usually the place where analysts and code tinkerers assemble to try and defeat security defenses on computers, vehicles or other "terrestrial" technologies. This year, however, the Las Vegas event will provide eight teams of white hat hackers with the chance to compromise an actual satellite orbiting in space.
Organized with the help of the US Space Force, which is an actual – albeit very small in size – federal agency dealing with GPS, military satellite communications and other space-related operations, the Hack-A-Sat 4 contest will let hackers attack some real space hardware for the first time in the history of the conference.
More than 380 different teams took part in the qualification rounds in April, but only eight of them – including contestants coming from Australia, Germany, Italy, and Poland – will join the final contest in Las Vegas. During the previous Hack-A-Sat editions, coders had to hack a real satellite that wasn't actually in space. This year, the hackers will have access to the Moonlighter orbiting satellite.
The Moonlighter was launched aboard a SpaceX rocket on June 5, reaching the International Space Station soon after. A foot-long toaster-sized cubesat satellite with extendable solar panels, Moonlighter was designed to be hacked and includes all the security defenses that hackers will have fun playing with. The satellite has no way to change its orbit, and ground controllers can reboot the system to regain control and kick out any intruder.
According to plans, the Moonlighter satellite should be deployed in orbit at the beginning of July. In August, Hack-A-Sat 4 contestants will have a 72-hour period to test their penetration capabilities in space in a capture-the-flag style confrontation, which will likely require a closer collaboration and a pre-defined schedule among coders to try and succeed in the task.
The Hack-A-Sat 4 contest comes in the wake of the real-life hacking intrusion by the Russian military against the Viasat KA-SAT European satellite network, which was successful in shutting down Ukrainian communications at the start of the invasion in February 2022. Space security has become a real cause for concern for both military and civil agencies, and it will be increasingly so with the expected deployment of new satellite networks in the upcoming months and years.