Up to 60% of cybersecurity incidents are related to ransomware, with slightly fewer cases involving DDoS attacks and malware infections. As technology has progressed, however, new types of cyber threats have emerged: Gartner, for example, predicts that by 2025, 45% of organizations worldwide will face attacks on software supply chains. However, there is another cyber threat that humanity has yet to fully come to terms with: attacks on satellites. These systems provide communication and navigation services, making their protection a matter of national security.
Our dependence on satellites is constantly growing, turning them into potential targets for both individual hacker groups and states. While physical interference and espionage were the primary threats to satellites in past decades, the risk landscape has expanded significantly due to cyberattacks. This shift has been driven by the digitalization of not only ground-based processes but also those in space. Additionally, the availability of AI-powered tools allows for complex cyberattacks carried out with fewer resources and less expertise than in the past.
A new battlefield is thus emerging before our eyes. This means the world needs different security approaches to protect satellites and other space assets from cyber threats. Just how serious is this threat? What could happen if a satellite is disabled? And what measures are already being implemented to prevent worst-case scenarios? We explore such questions in this article.
Source: NASA
Space is the new battleground for cyberwarfare
The connection between space and cybersecurity is clearly outlined in a US Space Force (USSF) document called “Operations: Doctrine for Space Forces.” The document notes that the space communications segment “includes the information operations environment (including cyberspace).” The authors further explain: “Because space systems provide a significant amount of global bandwidth there is a symbiosis between operations in space and in cyberspace.” Conventional approaches to data exchange and network architecture, which do not align with the current needs of space infrastructure, make it more vulnerable to cyber threats.
This is confirmed by General Stephen Whiting, who led U.S. Space Command until 2024. He describes cyberspace as the “Achilles heel” of global space networks and warns of the cyber threats that space systems are already facing and will continue to encounter in the future. In his view, cyberwarfare and space warfare share many similarities, and cyber threats to space assets are very real. This means they require close attention, always considering the close interconnection between space and cyberspace.
Source: U.S. Space Force
The first recorded successful cyberattack on satellites took place in 1986 and targeted the television company HBO. A hacker using the alias Captain Midnight hijacked a broadcast for 4.5 minutes to display his own video message in protest against rising satellite TV service prices.
In 2024, nearly 40 years later, more than 100 cyberattack attempts on space systems were being recorded every week (!) according to data from the Space Information Sharing and Analysis Center (Space ISAC).
Source: Freepik.com
Attack on Viasat satellites in February 2022
One recent example of a successful space-based cyberattack was the February 2022 cyber sabotage carried out by Russia against Viasat. This major player in the satellite communications market, which provides services to both commercial and military entities, operates its own satellites (the latest, ViaSat-3, was launched in 2023). On February 24, 2022, the day Russia launched its full-scale invasion of Ukraine, Viasat’s Ka-SAT satellite network was targeted. The attack disabled modems that provided communications for Ukrainian military forces. Later, Viasat confirmed that the goal of the attack was not to gain access to data but to disrupt customer service.
Beyond Ukrainian users, the attack also affected a major energy company in Germany, which lost the ability to monitor more than 5,800 wind turbines. Additionally, users in France, Hungary, Greece, Poland, and Italy were left without service for periods ranging from several days to two weeks. This case highlights two key takeaways: 1) Conflicts that start on Earth can extend into space; and 2) the consequences of cyberattacks in space can be severe.
Source: @netblocks on X
Increasing vulnerability to cyber threats
There are several reasons for the growing vulnerability to cyber threats to space assets:
First, there are still no reliable tools for the proactive detection of cyber threats in space.
Second, effectively countering space-based cyber threats requires close cooperation between technology companies and governments of countries with advanced space programs. However, this is complicated by the growing trend of deglobalization, where major nations strive for economic and technological independence.
Third, security is rarely a primary focus in the development of space systems and their software. Nevertheless, it is crucial to ensure that the data they collect and transmit is protected from theft, deletion, or alteration by malicious actors.
The danger of cyber threats to satellites and other space systems is not only due to new methods of bypassing security (although that is also happening). The simple fact is that the space sector is rapidly evolving, and there are now more satellites in orbit than at any point in the nearly 70 years since Sputnik-1 was launched in 1957. At the same time, modern satellites rely on numerous interconnected digital systems. As a result, a failure in just one of them could trigger a chain reaction.
Source: ESA/ID&Sense/ONiRiXEL
On Earth, security is strengthened through system upgrades, but this approach does not always work for space infrastructure. Some components of complex satellite systems cannot be replaced or upgraded, and if even a single unprotected element remains vulnerable to cyberattacks, the entire system is at risk.
These factors, along with the continued digitalization of space systems, are increasing the number of potential entry points for cybercriminals, making space an even more vulnerable part of global critical infrastructure.
Cyberattacks on satellites: reasons and consequences
Cyberattacks on space systems can have significant economic, geopolitical, and environmental consequences. According to Deloitte, in the U.S. alone, 16 critical infrastructure sectors depend on space systems in one way or another. The same is true for the most profitable industries, making them high-priority targets for cybercriminals.
Hackers most often target ground stations used to control satellites. While no major incidents have been publicly reported (due to security concerns or commercial secrecy), many experts believe attacks on ground stations are preparatory steps that could lead to more destructive operations.
Commercial satellites are typically more vulnerable than military assets. Manufacturers often build them using off-the-shelf components, which are not always thoroughly tested for security. Additionally, the ground stations themselves can fall victim to cyberattacks due to outdated or insecure software.
Source: Lockheed Martin
Disruptions in the operation of commercial satellites can be just as dangerous as those affecting military satellites. The risk goes beyond the direct costs of replacing a satellite or its components: it also includes the cascading damage that follows. Many ground-based systems, such as those used for aviation, rail, and maritime transportation, rely on satellites, including those that transmit atomic clock signals via the Global Positioning System (GPS) and other Global Navigation Satellite System (GNSS) networks, ensuring critical synchronization between systems operating in different locations.
A similar dependence exists in the financial and energy sectors, which also rely on satellites for precise timekeeping. A failure in this synchronization could trigger financial collapse or disrupt power grids. The same applies to data centers, where accurate time synchronization is crucial. These centers form the backbone of the digital economy, supporting essential services such as government operations, banking, and healthcare. According to IDC, the total volume of data stored in data centers is expected to reach 175 zettabytes by the end of 2025.
A survey conducted among space security experts helped create a clear picture of the potential consequences of a global satellite blackout. According to experts at the London School of Economics and Political Science (LSE), the scenario would unfold as follows:
| Timestamp | Possible consequences |
| Moment of satellite disconnection | Flight cancellations, suspension of railway services, and traffic jams on major roads. Initial delays in emergency services (police, ambulance). Shutdown of ATMs. |
| Shutdown time + 2 hours | Stock market crashes. Overload of ground-based communication networks. |
| Shutdown time + 7 hours | Disruptions in the operations of news agencies and energy companies. |
| Shutdown time + 1 day | Suspension of financial transactions. Power plant failures due to uncontrolled overloads. |
| Shutdown time + 1 week | Onset of economic collapse. Evacuation of the ISS crew. |
| Shutdown time + 1 month | Emergency launch of backup satellites. |
| Shutdown time + 2 months | Severe damage to the global economy. Complete shutdown of telecommunications companies and parts of major industrial production. |
| Shutdown time + 12 months | Deployment of new satellites. |
In addition to the direct consequences described in the table, there may be other possible effects. For example, there could be an increase in space debris, posing a further threat to planned space operations. On Earth, economic collapse could lead to unemployment, followed by mass unrest. Panic-driven food hoarding could rise, leading to looting, and cities would no longer be safe or comfortable to live in.
Such a post-apocalyptic scenario is unlikely, of course, but short of such extremes, cyber threats in the space sector present a very real danger that could trigger a chain reaction on Earth.
How states protect satellites from cyber attacks
Some countries are already working on protecting their assets from cyberattacks, but many challenges remain, both technical and organizational. For instance, it is not always clear which government agency is actually responsible for the cybersecurity of a specific satellite.
This conclusion was reached in a study that examined government institutions in France, Germany, the United Kingdom, and the United States. Researchers found that employees of the same institutions often gave “completely different answers” regarding the role of space and cyber commands in satellite protection. This conclusion was supported by statements from Clémence Poirier, Senior Researcher in Cyber Defense at the Center for Security Studies of the Swiss Federal Institute of Technology in Zurich, during the International Astronautical Congress (IAC).
Source: @ESPIspace on X
Nevertheless, there are also some positive developments: some countries have established space cyber commands and adopted relevant doctrines, recognizing the military sector’s dependence on space systems. Many states are also active in the information space, raising awareness among space sector professionals about cyber threats, striving to improve information-sharing with strategic partners, and developing their own cyber ecosystems in space.
Below is a brief overview of what Western countries with the most advanced space programs are doing in this area.
United States
In 2020, the White House developed its National Space Policy, emphasizing the need to integrate cybersecurity into space operations. According to the document, this approach helps maintain control over space systems while ensuring the integrity and security of critical data and processes. The policy recommends incorporating cybersecurity principles at all stages of spacecraft design, development, acquisition, and deployment. It also highlights the strong interconnection between cyberspace and the stable operation of GPS.
In its 2023 National Cybersecurity Strategy, the Biden Administration further stressed the importance of enhancing the security and resilience of U.S. space systems.
Currently, cybersecurity for U.S. military satellites is overseen by Space Delta 6 (Del 6), a U.S. Space Force unit responsible for space access through the satellite control network. Del 6 includes eight squadrons specializing in different tasks, such as early attack warning, launch security, and developing cyber defense strategies against adversaries.
Space Training and Readiness Command (STARCOM) is responsible for training personnel, conducting cybersecurity exercises for the USSF. Its primary mission is to equip Space Force Guardians with the skills needed to fight effectively in cyberspace.
Source: U.S. Space Force
European Space Agency (ESA)
For its part, the ESA is developing a comprehensive cybersecurity system to protect Europe’s space assets. A distributed security network is in place to analyze risks and threats, conduct real-time monitoring, and implement cybersecurity measures in space. Several ESA centers across different countries are responsible for various aspects of cybersecurity: Belgium ensures the security of space systems, Italy focuses on incident analysis and risk management, and Germany handles mission security monitoring and threat detection.
In France, cybersecurity efforts are led by the national authority, the French Cybersecurity Agency (ANSSI). According to a White Paper on defense and national security, ANSSI coordinates French and European cybersecurity research, protects military satellites, and is responsible for detecting cyberattacks and restoring infrastructure after malicious incidents.
In the UK, the National Cyber Force (NCF) is responsible for securing global satellite services, which account for up to 18% of the country’s GDP. NCF includes defense and intelligence agencies.
Germany has a similar organization to France, the Federal Office for Information Security (BSI), which is responsible for strengthening the cybersecurity of space infrastructure and ensuring stable access to secure and reliable satellite communications services. BSI also oversees classified information security in military and civilian satellite systems, such as the Public Regulated Service (PRS) of the European Galileo system.
In 2024, Germany and France joined the Olympic Defender space program, an initiative led by the United States aimed at strengthening defense and deterring hostile actions in space. The program facilitates information sharing to enhance orbital awareness and respond to cyber threats in a timely manner. Previously, Olympic Defender included the US, the UK, Australia, and Canada as partner nations.
Source: U.S. Space Force
At the global level, security protocols based on artificial intelligence are currently being developed. Experts believe that this approach to cybersecurity in space has the potential to be revolutionary. AI can effectively predict cyberattacks in space, respond to them in real time, and its ability to self-learn allows it to quickly adapt to new challenges. In the future, quantum encryption may be used in applications for space infrastructure, but this technology is still in its early stages. Naturally, technologies aimed at strengthening the cybersecurity of space systems are evolving in parallel with increasingly sophisticated cyberattack methods.
