CYSEC / CYSAT team is consistent in creating genuine dialogue among decision-makers in space cybersecurity, bringing the agenda in line with the latest events in the "Star Wars" domain, turning discussions into practical steps for global and European security and taking into account all the elephants in the room. In this recap, we cover the key insights.

Space cyber threat intelligence & The human attack aurface

‍

Only from open-source data alone there were 407 cyberattacks identified against the space sector in 2025, according to Clémence Poirier, Senior Cyberdefense Researcher at ETH Zurich. 

‍

Attack volume tracked closely with geopolitical flashpoints: spikes followed the Trump-Zelensky White House meeting, US-China tariff escalation, the India-Pakistan crisis, and especially the Iran-Israel war in June, which produced the year's sharpest surge. Civilian space companies with no link to a conflict zone were targeted regardless – a reminder that threat models can't assume geographic or political distance offers protection.

‍

But space cyber threat intelligence itself is fragmented, and there is still no universal counting methodology. Clémence Poirier says, organizations should calibrate their threat model to their own exposure (customers, geography, conflict proximity) rather than borrowing someone else's numbers. At the same time, mandatory incident-reporting regimes carry their own risk: if the authority collecting those reports is itself compromised, attackers may learn whether they've been detected.

‍

‍

Space-sector staff are increasingly direct targets. The INC Ransom group's 2025 attack on US defense/space contractor Stark Aerospace included copies of staff passports among the 4 TB of data claimed stolen, alongside satellite-program documentation. Ukraine's military intelligence (HUR) similarly exfiltrated personnel files, home addresses, and résumés from Russian strategic-aviation manufacturer Tupolev in 2025. 

‍

Insider threats are also rising. North Korean IT workers have been infiltrating Western companies at scale using fraudulent identities to land remote roles – a scheme CrowdStrike says grew 220% in the past year – and Poirier noted space firms are now among the targeted sectors, pursued for both salary income and access to sensitive technical data. Clémence Poirier will share more cases in her forthcoming 2025 threat landscape study.

‍

‍

Quantum resilience & The race for secure space infrastructure

‍

As space becomes increasingly accessible to private companies and organizations – e.g. a satellite operator SpaceSelfie offering consumer-facing services such as taking selfies from orbit or research project Urban Pulse with satellite observations documenting  in real time dynamic changes of six global cities – the security baseline shifts accordingly: quantum-era threats and cryptographic vulnerabilities must be anticipated rather than reacted to.

‍

‍

The importance of quantum resilience, post-quantum cryptography, and quantum key distribution as a field where MoDs, institutions, academia, and trusted private companies need to develop together in Europe was discussed in the panel discussion "Quantum Resilience for Space Systems: Preparing the Transition to Post-Quantum Security," moderated by Erin M. Miller, Executive Director, Space ISAC.

‍

Speed of execution and system-level thinking are key – security cannot be addressed in isolation, but must be designed as an integrated, cross-domain effort.

‍

‍

Europe’s regulatory stack meets a new orbital reality

‍

One of the biggest European challenges is a legal and regulatory mismatch between 20th-century space law and 21st-century cyber-physical dependency. Here are listed main acts currently regulating the space sector. 

_{Liability Convention 1972: UN treaty on liability for damage caused by space objects. Makes the launching State liable, with strict liability for damage on Earth or to aircraft, and fault-based liability in outer space.}

_{European Electronic Communications Code 2018: The EU’s main telecom rulebook. It harmonizes rules for electronic communications, broadband rollout, consumer protection, spectrum, and competition across the EU.}

_{Cyber Resilience Act 2024: EU regulation requiring products with digital elements to meet cybersecurity requirements throughout their lifecycle. Focuses on secure-by-design products, vulnerability handling, and compliance duties for manufacturers.}

_{EU AI Act 2024: First major EU law on AI, built around a risk-based framework. It bans some harmful uses, sets strict rules for high-risk systems, and adds transparency obligations for other AI uses.}

_{EU Space Act 2025: Proposed EU regulation for the safety, resilience, and sustainability of space activities. Aims to harmonize rules across Member States and strengthen oversight of space operators.}

‍

‍

It’s very important to adapt cybersecurity and digital regulation to the space domain reality: space systems are no longer isolated “hardware missions,” but deeply networked digital infrastructures that behave more like critical cloud-IoT-telecom ecosystems in orbit, says Laetitia Cesari, Doctor of Laws.

‍

ALPSTAR: toward a federated infrastructure model for space

‍

Colonel Ludovic Monnerat, Head of Space Command within the Swiss Armed Forces, presented the ALPSTAR project developed by Switzerland’s civil and military space community within the European Space Agency (ESA).

‍

ALPSTAR is designed as a federated, agnostic network of ground stations and satellites (like “Airbnb for space infrastructure”), enabling participating states and their commercial partners to share and pool space resources without central orchestration and without compromising sovereignty.

‍

Today, space operations depend heavily on:

^{- Nationally owned ground stations}

^{- Proprietary satellite networks}

^{- Centralized command architectures}

^{- Fragmented access between civil, military, and commercial actors}

‍

This creates inefficiencies, duplication and strategic dependency.

‍

‍

ALPSTAR is designed as a network of networks, where:

^{- Ground stations and satellites remain owned by different states or organizations}

^{- Participants can share capacity (data, bandwidth, access windows}

^{- There is no single central operator (“no conductor”)}

^{- Each participant retains full sovereignty over its assets and data}

‍

ALPSTAR reflects a broader shift in space and defense thinking – from platform-centric systems to network-centric ecosystems, from closed national systems to trusted federations, and from static infrastructure to adaptive, shared capacity models. 

‍

In practical terms, it aligns with the way modern conflicts and space operations are evolving: increasingly distributed, contested, and highly dynamic, requiring greater resilience, flexibility and collaboration across actors.

‍

This announcement is especially valuable, as Switzerland itself is a strong example of a well-functioning multinational and multilingual state, where diversity and sovereignty are balanced through a shared institutional framework. From this perspective, ALPSTAR can indeed be a good fit for a multinational Europe and its growing challenges in the space domain, where collaboration, sovereignty, and resilience must be carefully aligned rather than centralized.

‍

‍

Human-centered intelligence in the age of AI and defense

‍

At CYSAT Paris participated Luc Julia, a French computer scientist, entrepreneur, and pioneer in artificial intelligence and human-computer interaction. He is best known as one of the co-creators of Siri, the voice assistant technology later acquired by Apple and integrated into the iPhone. 

‍

Before Siri, he worked on advanced AI and speech-recognition projects at SRI International, contributing to technologies that originated from DARPA-funded research programs. 

‍

Throughout his career, Luc Julia has held leadership roles at major technology companies, including Apple, Samsung, and Hewlett-Packard. He is currently Chief Scientific Officer at Renault Group and is a prominent advocate for practical, human-centered AI.

‍

Key takeaways from Luc Julia's speech at CYSAT Paris

AI is mathematics, not magic.

The public perception of AI is still shaped by "Hollywood AI" narratives.

AI is a tool in our hands; it is not responsible for its actions – we are.

Use AI critically, not blindly.

Responsibility, accountability, and ethics cannot be delegated to AI.

The future is not AI versus humans, but human intelligence working together with artificial intelligence.

The more local the system and the less connectivity it requires, the better it can be for security.

You must control what you put into the system.

AI can support battlefield operations, but it cannot and should not be 100% autonomous.

There is always a human pushing the button.

‍

‍

Trust, incentives and structural bottlenecks in space cybersecurity ecosystems

‍

An important point was raised by César Carmona from Novaspace regarding an ecosystem bottleneck: sharing sensitive information among industry and space institutions must be done on the basis of mutual  trust. However, if an institution gets access to industrial sensitive information, while it is simultaneously one of the largest customers of industry, this can create a competitive conflict of interest.

‍

Imagine that Company A discovers a major vulnerability in its systems – one that Company B may also be exposed to. At the same time, Institution C is a customer of both companies. Company A may be reluctant to disclose that vulnerability in front of Institution C while competing against Company B for future business. For this reason, these space institutions should provide mechanisms guaranteeing a trusted environment among industrial actors and preventing competitively disadvantageous situations.

‍

Research institutions are legitimate ISAC members among industrial partners because they research on both the root causes and the solutions from which industry can benefit. At the same time, industry can provide their operational view, which can help researchers work on more realistic scenarios, creating a virtuous circle.

‍

This is a very important topic to discuss and a common challenge that the ecosystem must address.  

‍

So, let’s try to solve it later this year in Madrid. 

‍

‍

CYSAT Madrid: where Europe’s space cybersecurity debate continues

‍

The announcement of CYSAT Madrid 2026 follows opening session of CYSAT in Paris, where Dulce Sánchez, Head of the Security and Certification Department at the Spanish Space Agency, set out the agency's position: cybersecurity should be treated as the foundation for industry growth, mission reliability, and Europe's strategic autonomy. Spain is now ESA's fourth-largest strategic contributor, accounting for 8.44% of the agency's budget.

‍

‍

Building on that momentum, the Comunidad de Madrid's Cybersecurity Agency, together with the DIGITALIZA MADRID Innovation Center, confirmed it will host two flagship events as part of Madrid Tech Week this October:

- The Spanish chapter of CYSAT, supported by the Comunidad de Madrid, will take place on October 28, 2026, during Madrid Tech Week, one of the largest technology festivals in Europe.

- On October 29, 2026, THE SIGN 2.0 Space Cybersecurity Hackathon will return to Madrid, following the success of last year's edition, bringing together the next generation of space cybersecurity talent.

‍

‍

With these two events, Madrid is continuing the conversation started in Paris about all-European security, collaboration and innovation in space cybersecurity.

‍

Among the confirmed speakers and participants at CYSAT Madrid are the Spanish software company Integrasys, Space ISAC, SPSIN, and high-level representatives of Spain's and Iberia's space tech and cybersecurity sector. 

‍

Coordinators of CYSAT Madrid - THE SIN.MEDIA & RCC.Advisory.

‍

‍

For event updates, the complete agenda, and registration details, please visit: www.cysat.eu/cysat-madrid

¡ Nos vemos en Madrid !

‍

_{Author: Tatiana Skydan, Co-Founder & Editor-in-Chief at THE SIGN.MEDIA} 

‍