Can a satellite be hacked?

With satellites such an integral part of our technologically advanced society—and cybercrime a menace set to cost the world over $10 trillion a year by 2025 – it’s logical to question the security of satellite-aided systems.

Attacks on satellites have the potential to knock out navigation systems, disrupt Earth observation and research, and block telecommunications, to name just a few risks. 

Has a satellite ever been hacked, and how commonplace could it become in future?

Can a satellite be hacked?

Satellites can indeed be hacked, though the vulnerability of different satellites and systems depends entirely on who’s running them and, by extension, the resources they have to invest into security. 

For example, the Global Positioning System is owned and maintained by the United States military, which of course has exponentially more capital to pour into security than a small group of researchers likely has.

However, on paper, no satellite is totally immune to hacking, and the risk always remains. Satellites are essentially space-borne computers, making them no less vulnerable to cyber threats than a desktop PC.

Don’t forget that not all cybersecurity threats stem from hackers being able to brute-force their way into software systems. 

Social engineering, wherein hackers accomplish their goals through interactions in which they can manipulate other people for key information, remains an effective tool for cybercrime. Even big names in software services can be affected by such tactics, and the key can be as simple as obtaining somebody’s login details.

With the right entry points and the information they need, hackers could most definitely access a satellite and its resources. The methods available to do so are often as straightforward as those used to disrupt websites and crash communications between everyday computers, such as distributed denial-of-service (DDoS) attacks.

Once a system has been penetrated by attackers, methods such as now-commonplace ransomware attacks can ensure that data access is held hostage until the responsible party pays an extortionate sum to have it released.

For satellites that fulfil roles that can’t be left waiting around, this would be a highly effective avenue for anybody that could execute a lockout successfully. GPS, for instance, doesn’t just help people navigate; it’s also used to pinpoint the exact times of transactions and verify that ATM users don’t inadvertently go overdrawn.

Has a satellite ever been hacked?

As recently as February 2022, U.S. satellite firm Visasat was the target of a cyberattack that affected the internet connections of tens of thousands of customers across Ukraine and Europe. The attack targeted the KA-SAT network and directly impacted satellite communications shortly before the invasion of Ukraine took place.

In a less damning example of satellite hacking, a group of researchers was able to hack into a decommissioned satellite and use it to broadcast a signal over North America. Though the test was carried out with express permission, it highlighted an important factor to discussions of satellite cybersecurity: it isn’t just active, ‘live’ satellites that operators need to worry about.

Instances of satellite hacking are still not nearly as commonplace as those happening on the ground, something that is largely attributed to the fact that terrestrial systems currently present easier targets than those up in orbit.

However, any challenge associated with hacking satellites does not seem to be a deterrent, especially as hackers and cybercriminals grow increasingly sophisticated, well-funded, and organised. 

Space is already considered a new warfighting domain by many nations’ governments, and with the growing New Space industry lowering the barriers for private entry, both public life and private profit are at risk.

What measures can be put in place to prevent a satellite being hacked?

To ensure their best chances of protection from cyberattacks, satellites would likely benefit from the same stringent security measures that many businesses employ to protect their own data. 

Managed security services would ensure that a satellite and its associated systems are always being monitored for threats, allowing for fast intervention and intelligent response.

However, such services demand ongoing costs to maintain, and for those launching private satellites they’re likely to be far beyond the realm of anything they truly need.

One of the biggest contributing factors to easier more accessible spaceflight is the accessibility of small satellites like CubeSats.

These off-the-shelf builds are designed to be smaller, more affordable, and—in some ways—more expendable.

These satellites need to be more or less self-sufficient. Once launched, they’re largely left to their orbits until it erodes and the satellite falls to Earth, burning up as it re-enters. Bearing this in mind alongside the relatively short useful lives of CubeSats, many service providers simply won’t have enough to gain from budgeting for sophisticated security on top (or won’t be able to afford it).

Is my satellite at risk of being hacked?

That depends on who you are and what you’re doing.

If you’re operating a nanosatellite to serve a short mission or to act as a proof of concept, it’s unlikely that anybody will be looking to specifically target you with a cyberattack.

However, nothing can be assured, and a small likelihood of such attacks still exists.

Bright Ascension’s satellite software, with its pre-validated components and extensive flight heritage, is designed to ensure and increase reliability of your mission. Being modular by nature, it can be easily and quickly extended to include powerful security to protect your spacecraft..

To learn more about our products and book a demo, contact us today.