Subscribe
About

Space system cyber attacks increasingly a ‘concerning’ threat

Simnikiwe Mzekandaba
By Simnikiwe Mzekandaba, IT in government editor
Johannesburg, 05 Jun 2025
Dr Bianca Lins, legal officer and lead, space department, Liechtenstein Office for Communications. (Photograph by Strike a Pose)
Dr Bianca Lins, legal officer and lead, space department, Liechtenstein Office for Communications. (Photograph by Strike a Pose)

While satellites have historically been prone to non-malicious threats like human error or natural disasters, a more concerning category of threats is emerging, and is driven by the internet.

This is according to Dr Bianca Lins, legal officer and lead, space department, Liechtenstein Office for Communications, saying this category includes targeted and intentional disruptions.

Lins was one of the international keynote speakers at ITWeb Security Summit 2025, at the Sandton Convention Centre, in Johannesburg.

Targeted and intentional disruptions include spoofing, replay attacks, hijacking of satellite capabilities, corruption, or insider abuse often enabled by weak endpoint security, as well as social engineering, such as phishing or credential theft in critical ground segment operations, Lins noted.

While some may question if this is something that really happens – given there are not many reports about it − she pointed out that many of the malicious threats are real, even if they do not make it to the public domain.

There are various reasons why these attacks are not divulged. Some are too sensitive to disclose, especially when national security is involved. Others may not be revealed due to possible reputational damage, in the case of the private sector, she stated, adding that often it’s simply because there is no obligation to report.

“There aren’t the same transparency requirements as with traditional IT, but that doesn’t mean there are no attacks.”

Lins referenced a study by a group of researchers that looked at decades (1977-2019) of publicly-available data to identify cyber attack patterns against space systems, saying it revealed 72 real world cyber incidents on these systems.

“While this number may seem quite small, it’s important to understand the context. The research shows a sharp increase in the past decade, especially in the past five years. Many of the incidents never make it to the public domain.

“Cyber attacks against satellites are not rare exceptions; they’re just rarely visible. Many of the attacks…were successful, despite being technically unsophisticated. The study found that two out of three attacks could likely have been prevented.”

Satellite has been touted among the technologies that can drive internet connectivity in rural areas.
Satellite has been touted among the technologies that can drive internet connectivity in rural areas.

Satellite technology has often been considered as the solution to provide ubiquitous internet access to the remote, hard to reach locations of the African continent.

According to the International Telecommunication Union, Africa remains the least connected region, with only 40% of the continent’s population being online.

South Africa – through a collaboration between Sentech, the South African National Space Agency and other key government role-players, has plans for its own communications satellite project.

There are currently more than 11 000 active satellites orbiting the Earth − a figure that is projected to rapidly grow as more low-Earth orbit satellites are deployed by SpaceX’s Starlink, Amazon’s Kuiper Project and Eutelsat’s OneWeb, among others.

Statistics show more than $60 billion was invested in the space business in the past 10 years, with nearly $50 billion in the last five years alone.

According to Lins, most people are not necessarily aware of how much of their daily lives depend on satellite communications − ranging from financial transactions, to aviation and GPS. She stressed that without satellite “everything” would come to a complete standstill.

She explained that satellites are not only a convenient tool for personal routines; they are critical infrastructure, with much of the economy and security today depended on them.

“Every day we rely on satellite-based services for things we take for granted. Imagine a day without using a navigation system, without checking the weather forecast and checking the news from around the world.

“Satellite-based communications systems also help to avoid collisions in the air, land and on sea. Earth observation satellites provide essential data for weather forecasts, monitor environmental change and support disaster response.

“Communications satellites enable broadband access in remote areas and support connectivity. Even 5G networks now rely on satellites as part of their growth infrastructure.

“Without satellites, our world would simply stop functioning. Satellites are the invisible backbone of our economies and societies. Their functioning and safety concern all of us.”

Risky position

Satellites have been in orbit for some decades now, beginning with broadcasting and military satellites. However, at the time when they began to be utilised, cyber security was “absolutely” no issue, she explained.

It was 2022 that marked the turning point for the awareness of the need for cyber security in space systems and how space cyber security threats are perceived, she added.

“2022 was when Russia invaded Ukraine. At the very beginning of the war, it was not the physical invasion starting on the ground; it was a cyber attack on ViaSat KA-SAT’s network. It resulted in a huge loss of communications for the military and armed forces in Ukraine.

“This showed how space systems can be used for this kind of action, as well as the dual-use of commercial satellites that are not only used for commercial reasons but also military reasons.”

As the number of satellites increase and reliance on space-based services continues to grow, there needs to be better understanding of the risks, especially for satellite systems and services in low-Earth orbit, emphasised Lins.

“Times have changed, and systems are getting more digitalised and this creates more entry points. You don’t just have the satellite that might be hacked, but there is the complex infrastructure that consists of four key segments, namely: ground segment, link segment, user segment and space segment. The link segment is something that is really exposed, especially if it’s not authenticated or well-protected.

“All four of the segments must operate in coordination to deliver needed satellite-based services. They also depend on hardware and software from various diverse suppliers from around the world, which is why the supply chain is crucial across the board.

“These systems face a variety of challenges, like any other system – technical and operational risks – that can arise from internal system faults or configuration issues. They affect all four [segments].”

Share