Satellite command-and-control systems are critical nodes that translate operator intent into spacecraft actions. They face a range of cyber risks that can interrupt services, degrade safety, and trigger geopolitical escalation. Evidence from space security researchers and standards bodies shows vulnerabilities stem from both traditional IT weaknesses and unique space-domain factors.
Technical and protocol vulnerabilities
Legacy protocols and bespoke telemetry links often lack strong authentication, making spoofing and replay attacks feasible. Brian Weeden at Secure World Foundation has documented how weak signal authentication enables adversaries to inject false commands or mask real telemetry, undermining situational awareness. Radio-frequency jamming and directed interference can deny access to command channels, while more sophisticated compromises can enable persistent backdoors. The National Institute of Standards and Technology guidance led by Ron Ross at National Institute of Standards and Technology highlights the importance of cryptographic integrity, secure firmware, and robust identity management to mitigate these technical gaps. Mitigations are technically available but unevenly applied across commercial, civil, and military operators.
Operational, supply-chain, and human factors
Operational practices amplify risk: centralised control centers, remote-access tools, and complex maintenance workflows present multiple intrusion vectors. Supply-chain compromises in satellite hardware and ground-station software can introduce vulnerabilities long before launch, and insiders with privileged access create further exposure. The European Space Agency has emphasized that ground-segment security and rigorous procurement controls are essential to resilience. Consequences include service outages for navigation and communications, compromised Earth observation data, and — in worst cases — loss of spacecraft control. A compromised command link can also produce cascading physical harms, such as collisions that generate space debris and threaten other assets.
Geopolitical and societal dimensions matter. Satellites underpin emergency response, maritime and aviation safety, and modern economies; disruptions disproportionately affect territories dependent on a small number of orbital assets. Offensive cyber operations against command-and-control can be interpreted as acts of aggression, raising escalation risk between states. Cultural and institutional differences shape risk tolerance and response: civil agencies may prioritize availability and openness, while military operators emphasize confidentiality and redundancy.
Addressing these risks requires a mix of technical hardening, proven supply-chain practices, continuous monitoring, and clear norms of behavior. No single measure eliminates all threats; resilience arises from layered defenses, cross-sector cooperation, and adoption of standards informed by both space experts and cybersecurity practitioners.