Iranian-aligned hackers are using AI to step up cyberattacks on space infrastructure during the Iran war, experts warned this week. The technology is boosting the scale and sophistication of their operations and making them harder to track.
Escalating Attacks on Satellites
Norm Laudermilch, chief information security officer at spatial intelligence company Vantor, said security alerts doubled in the first four weeks of the conflict. He estimated the company is now operating at roughly four times its pre-war tempo.
Iranian-backed groups are targeting both military and civilian satellites, according to Clémence Poirier of ETH Zurich’s Centre for Security Studies. AI tools help attackers pick high‑value targets, clean up language in phishing messages and automate parts of their campaigns.
From Defacement to AI‑driven Intrusion
One state-aligned group, Handala, has shifted from simple website defacement and phishing to AI‑enhanced credential theft, personnel operations, data leaks and advanced social engineering. Attackers now use techniques such as AI‑driven voice impersonation to mimic senior executives and trick staff into sharing sensitive information.
Poirier said hacktivist groups are also lasting longer, which complicates efforts to map and monitor them. It is getting harder for analysts to know where these actors will surface next and avoid missing newly discovered vulnerabilities discussed in their private channels.
Containment and Detection Over Prevention
In this environment, Laudermilch argued that containment and detection matter more than traditional prevention and patching alone. AI‑generated exploits make system behaviour less predictable, so defenders must quickly spot and isolate anything that operates outside expected parameters.
He recommended multi‑factor authentication, identity‑centric security controls and intensive security awareness training. Companies should assume credentials will be stolen and design systems so that stolen logins are difficult to use.
AI as Both Shield & Weapon
Poirier noted that AI will increasingly appear on the defensive side as well, with satellites carrying onboard systems to detect cyber incidents. But she called AI a double‑edged sword, since attackers can also target these defensive tools.
Because not every satellite vulnerability can be patched, she said operators should focus on fixing the most critical and likely weaknesses, while strengthening detection to catch attacks that slip through.
Click Here For The Original Source.
