#FactCheck - Uncovered: Viral LA Wildfire Video is a Shocking AI-Generated Fake!

Introduction 
‍

In recent years, India has seen tremendous growth in its space industry. The satellite infrastructure of India now provides key services to a variety of sectors, including communication, navigation, broadcasting, disaster management and national security operations. Satellite communications globally will connect remote communities, aid in the delivery of Digital Governance and support India's strategic military capabilities. Given the expanding space ecosystem in India with the involvement of the public sector, private sector and research institutions, the security of satellite communications is becoming increasingly important.  

 At the same time, as satellite communication technologies become more pervasive, the risk of cyber threats targeting space systems increases. Cyberattacks against satellites, ground terminals or communication networks may critically impact, disrupt, damage, and/or destroy essential services, and expose sensitive information. To mitigate these risks, CERT-In (Computer Emergency Response Team), in collaboration with the SatCom Industry Association of India released a Cyber Security Framework and Guidelines for Space Platforms/Systems, including Satellite Communication, in 2026. This framework aims to establish and enhance cybersecurity measures throughout India's space ecosystem, while guiding how to better prepare for and respond to the growing volume of cyber threat activity targeting Space Systems. 
‍

Overview of the CERT-In Space Cybersecurity Framework 
‍

CERT-In introduced a dedicated cybersecurity framework for space systems in February 2026. Developed in collaboration with industry stakeholders, the framework provides guidelines to strengthen the security of satellite communication infrastructure across India. Although the guidelines are advisory in nature, they are designed to promote best practices and encourage organisations to adopt robust cybersecurity measures. 

The framework targets a wide range of stakeholders involved in satellite communication operations. These include government agencies, satellite operators, ground station operators, equipment manufacturers, technology vendors, and emerging space startups. By outlining cybersecurity principles, technical controls, and governance mechanisms, the framework aims to create a coordinated approach to protecting space assets. 

Another key objective of the guidelines is to foster collaboration between the public and private sectors. As India’s space industry expands and private participation increases, maintaining a secure and resilient ecosystem becomes essential. The framework, therefore, emphasises risk management, incident reporting, and continuous monitoring to strengthen the overall cybersecurity posture of the space sector. 
‍

Key Components of Satellite Communication Systems 
‍

Satellite communication systems are made up of multiple interconnected devices that can be used to deliver communication services. The cybersecurity framework groups these elements into three categories: the space segment, the ground segment, and the user segment.  

The space segment is everything related to the satellite itself, including the satellite's onboard systems. This includes the satellite's communication payload, telemetry systems, antennas, power systems, and software that controls its operation. Because satellites operate in remote parts of space with very little opportunity for maintenance, securing these systems is critical in order to guard against unauthorized access to or control of these systems.  

The ground segment comprises the terrestrial infrastructure responsible for controlling the satellite's operations. It consists of satellite mission control centres, ground stations, network gateways and data processing facilities. The ground stations send commands to the satellites and receive telemetry data from the satellites, which makes the ground station a very important physical interface point between the satellite asset located in outer space and a terrestrial network. 

The user segment contains any device terminal being used by either an individual or an organisation that is accessing a satellite service. Examples of user devices are satellite phones, VSAT terminals, modems, and IoT devices connected to satellite networks. Since these devices connect directly to the communication networks, vulnerabilities in user equipment could also represent a significant threat to the cybersecurity of satellite communications. 

Major Cyber Threats to Space Infrastructure 
‍

The space systems that support the delivery of satellite communications are being increasingly targeted with multiple types of cyber threats. A major category includes cyber-attacks on communication links between satellites and ground stations. Cyber criminals can attempt to jam the satellite’s communication link, intercept communication signals, or re-transmit previously sent communication signals in order to disrupt the operation of the affected satellites. 

Attacks on the systems that control the satellite are serious threats to satellite operations. Cybercriminals and hostile actors can perform command injection attacks where commands are sent to a satellite, and the satellite responds through some undesired action. If cybercriminals are able to gain access to the telemetry or command channels, they can potentially disrupt the operation of the satellite or alter the telemetry data being received from the satellite. 

The ground infrastructure that supports satellite communications is still a major target for cybercriminals. Mission control networks and data centres are susceptible to malware, ransomware, phishing, and insider threats. Attackers will frequently target ground stations because they provide a connection point to terrestrial networks and can exploit vulnerabilities from the ground station’s IT systems into the satellite control systems. The combination of these threats illustrates the need for an overall security strategy that encompasses all parts of the satellite communications ecosystem. 
‍

Key Security Principles and Measures 
‍

A comprehensive overview of multiple principles designed to increase the security of satellite communications is provided in the CERT-In Framework on Cybersecurity for Satellite Communications. The first of these principles, security by design, refers to ensuring that all cybersecurity controls associated with a system are implemented at the time of the system's initial design and development, not afterwards; therefore, security controls should be incorporated throughout the entire lifecycle of a satellite system. 

The second principle, which is known as Defense-in-Depth, consists of implementing many different layers or tiers of security controls to protect a system against cyber threats or attacks. An example of the different categories of security controls includes physical security, network security, and access control, among others. By combining security controls across multiple categories, an organisation may be able to reduce the chance that one single vulnerability will result in the loss of the entire system. 

The third principle in the Framework, Zero Trust Architecture (ZTA): Users and/or devices located within a network should not be able to rely on implicit trust. Therefore, every request for access to the network will be verified and continuously monitored for potential threats. 

The previous two principles stated that secure satellite communications should be conducted using strong encryption and authentication methods, as well as secure communications methods, and that an enterprise monitoring system would be put into place to help detect anomalies or suspicious behaviour. 

Conclusion 
‍

India is taking an important step toward protecting its expanding space ecosystem by creating a cybersecurity framework to safeguard cyberspace systems from cyber threats. The CERT-In guidelines offer a structured means of reducing the likelihood of cyber threats impacting satellite communication infrastructure through secure system design, continuous monitoring of systems and creating consistent partnerships among organisations. As well as providing evidence that both government and private sector organisations share a collective responsibility for the protection of space assets, both sectors participate in a collaborative effort.

India will need to implement rigorous cybersecurity measures as it expands its space infrastructure in order to ensure the continued availability of critical space infrastructure and ultimately develop its existing commercial satellite business operations with the highest level of safety and security.

References 
‍

1. https://www.cert-in.org.in/s2cMainServlet?pageid=GUIDLNVIEW02&refcode=CISG-2026-01
2. https://www.pib.gov.in/PressReleasePage.aspx?PRID=2233122&reg=3&lang=1

‍

Introduction

THE DIGITAL PERSONAL DATA PROTECTION BILL, 2022 Released for Public Consultation on November 18, 2022THE DIGITAL PERSONAL DATA PROTECTION BILL, 2023Tabled at LokSabha on August 03. 2023Personal data may be processed only for a lawful purpose for which an individual has given consent.  Consent may be deemed in certain cases.The 2023 bill imposes reasonable obligations on data fiduciaries and data processors to safeguard digital personal data.There is a Data Protection Board under the 2022 bill to deal with the non-compliance of the Act.Under the 2023 bill, there is the Establishment of a new Data Protection Board which will ensure compliance, remedies and penalties.

Under the new bill, the Board has been entrusted with the power of a civil court, such as the power to take cognisance in response to personal data breaches, investigate complaints,  imposing penalties. Additionally, the Board can issue directions to ensure compliance with the act.The 2022 Bill grants certain rights to individuals, such as the right to obtain information, seek correction and erasure, and grievance redressal.The 2023 bill also grants More Rights to Individuals and establishes a balance between user protection and growing innovations. The bill creates a transparent and accountable data governance framework by giving more rights to individuals. In the 2023 bill, there is an Incorporation of Business-friendly provisions by removing criminal penalties for non-compliance and facilitating international data transfers.  

‍The new 2023 bill balances out fundamental privacy rights and puts reasonable limitations on those rights.Under the 2022 bill, Personal data can be processed for a lawful purpose for which an individual has given his consent.  And there was a concept of deemed consent.The new data protection board will carefully examine the instance of non-compliance by imposing penalties on non-compiler.The bill does not provide any express clarity in regards to compensation to be granted to the Data Principal in case of a Data Breach.Under 2023 Deemed consent is there in its new form as ‘Legitimate Users’.The 2022 bill allowed the transfer of personal data to locations notified by the government.There is an introduction of the negative list, which restricts cross-data transfer.

Incident Overview

Earlier this week, the Chinese media reported that several ‘Macau’ government websites were hacked, indicating a significant targeted cyberattack. The hacked website includes those of the office of the Secretary for Security, the public security police, the fire services department and the Security Forces Services Bureau. It was reported that the police have launched a criminal investigation to trace the source of the crime. Furthermore, officials believe the source of the intrusion was likely from overseas, and authorities have carried out an emergency response in conjunction with telecommunication operators to restore affected services on a priority basis. The densely populated Macau is a special administrative region on the south coast of China and the cyber attacks on the essential government website of China raise a serious concern. 

Response and Mitigation

Macau's authorities carried out an emergency response in collaboration with telecommunication operators to restore regular services as a distributed denial-of-service attack (DDoS) was reported to be carried out on certain government websites which resulted in the inactivity of those several websites. The country's security forces instructed Macau Telecom to investigate the incident and submit a report and improvement plan to prevent similar attacks in the future.

Context and Implications

The hack on the government websites of Macau is not a single incident; rather, it is a part of an increasing pattern of cyberattacks on the region's vital infrastructure. According to a recent report, the frequency of cybercrimes has tripled since 2020, targeting Macau's critical infrastructure, which is worrying. This pattern draws attention to the growing threats that public sector organisations and governments throughout the world confront.

Final Words 

In light of such sophisticated attacks targeting vital infrastructure or critical government operations, it is imperative that the country ensure powerful cybersecurity strategies and measures. Implementing robust cybersecurity measures, developing incident response planning, regular security checks, employee training on cyber hygiene, public awareness and capacity building and international collaboration to jointly develop and plan counteract strategies is a crucial step to build safeguards against such cyber threats.

The incident of a cyberattack on the government websites of Macau serves stark reminder of the evolving threats and cybersecurity challenges, it is a serious concern when critical government websites are compromised by malicious actors. It highlights the necessity for continuous vigilance and cybersecurity measures in place to counter such cyber attacks. A comprehensive approach to cybersecurity, the government can enhance their overall cybersecurity posture, establish resilience against such threats in future, and save the functionality of essential government websites. 

References:

1. https://macaudailytimes.com.mo/websites-of-office-of-the-secretary-for-security-targeted-in-a-cyber-attack.html
2. https://www.reuters.com/world/china/several-macau-government-websites-hacked-says-chinese-state-media-2024-07-11/
3. https://4imag.com/several-macau-government-websites-hacked-says-chinese-state-media/
4. https://www.aol.com/news/several-macau-government-websites-hacked-001435511.htmlhttps://therecord.media/macau-government-websites-hit-with-cyberattack
5. https://macaonews.org/news/city/macau-cyberattacks-cyber-security-attacks-macao/

‍