In today’s world, both society and organisations heavily depend on digital information exchanges, many of which are facilitated by space infrastructure like communication satellites. From the user’s perspective, these processes occur seamlessly and transparently. However, the potential compromise of these technologies could swiftly plunge our lives into significant turmoil.
Agile and tech-dependent organisations are becoming targets for cybercrime, both because of the rise of digital assets, infrastructure, and information, and the recent and current health and political situation. The damage cost of a cyberattack is also increasing, as well as the value of a given vulnerability. Cybercrime caused $6Tn global annual damage in 2021, with an average damage per cyber-attack ranging from $200k up to $4.3M.
Ethiack is a Portuguese startup on a mission to prevent these situations from happening. They are experts in ethical hacking, which is a cybersecurity practice where authorised professionals simulate malicious attacks on computer systems, networks, or applications to identify and rectify vulnerabilities before they can be exploited by malicious hackers.
With offices at the Instituto Pedro Nunes in Coimbra, Ethiack offers their Software as a Service (SaaS) via the Ethiack Portal. This platform seamlessly integrates human ethical hackers with artificial intelligence, offering ongoing, immediate, and cost-effective offensive security testing, encompassing vulnerability identification, vulnerability management, and attack surface management. In practical terms, it provides executives with the means to reduce the risk of cybercrime and offers IT and security teams a pathway to enhance productivity.
The Ethiack team includes a range of interesting and complementary skills. Critically, it combines experience in ethical hacking, having helped protect top organisations such as Dropbox, Airbnb and Facebook, with a background in space entrepreneurship, which led them to identify the in-orbit infrastructure and communication technologies as a potential sector to expand into.
With this in mind, Ethiack have successfully completed a Spark 4 Tech project with ESA Space Solutions Portugal to extend their activity to the space sector. Within the scope of this project, they have taken the first steps into developing a combination of autonomous machine-probing techniques and human in-depth testing for the new space sector. They have designed a new Artiacker called Cosmo. Artiacker, short for artificial hacker, is the autonomous component of the system, which allows probing of vulnerabilities on an immense scale and in a short amount of time.
Cosmo targets several information transfer protocols (e.g. FTP or DNS) and integrates with third party APIs and platforms (such as Slack or Trello). It provides a combination of real-time updates and notifications with comprehensive reporting, enabling the human follow-up component to be more effective and focussed on the critical vulnerabilities. Ethiack worked to develop authenticated hacking modules and implement unique hacking techniques for the space industry, covering complex and advanced Common Vulnerability Exposures (CVEs) for their customers.
Jorge Monteiro, CEO of Ethiack, was pleased with the overall outcome of this project. He said: “The project Cosmo allowed Ethiack to gain valuable insights on the technological interconnection between Space and Earth and opened a new business frontier to our technology. Thanks to Spark 4 Tech, we could understand the specific needs of the space sector regarding security testing and developed a new product able to answer their needs. I would recommend it to all companies thinking about expanding to the space sector.”
Ethiack has added Cosmo to their Portal to help new space businesses prevent cyberattacks.
Pedro Lacerda, 15 January 2024.
Notes: the article is written in British English.