Turns Out Hacking LEO Satellites Is Trivial

Source: The Register Turns Out Hacking LEO Satellites Is Trivial

Meet Ground Station As A Service

You might think that the satellites orbiting Earth are secured against unauthorized access but sadly it seems that is not the case.  The belief that satellites are secure is mostly based on the assumption that the hardware inside is a well kept secret, and that communicating with a satellite is next to impossible without access to it’s ground station.  Sadly, both assumptions are untrue.

The hardware inside commercial satellites is easy purchased to be able to tear apart, assuming you have the money.  Once someone has that hardware in hand they can take all the time they need to find vulnerabilities, after all it’s non-trivial to replace hardware on a satellite in low Earth orbit.  The researcher, who somewhat regrets doing this research also determined you could build your own functional ground station for around $10,000.  That’s not cheap, but likely nowhere near the amount of money you might have assumed it would take.

You can also skip the ground hardware, as both AWS and Azure offer Ground Station as a Service (GSaaS) now.  Again, all it takes is a bit of money to gain the ability to communicate with orbiting satellites.   As an example, the popular CubeSat has no authentication protocols, and broadcast unencrypted signals.   More nightmare fuel can be found at The Register.

As an academic, Willbold took a more direct approach. He just asked satellite operators for the relevant details for his paper. Some of them agreed (although he did have to sign an NDA in one case) and the results somewhat mirrored the early computing days, when security was sidelined because of the lack of computing power and memory.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.


  1. LegoGuy23

    “As an example, the popular CubeSat has no authentication protocols, and broadcast unencrypted signals ”
    A cube sat is just a form factor. The one I helped launch at my university absolutely had encrypted command and control signals.

    • Jeremy Hellstrom

      That does make me feel a bit better, at least some of them have been secured!


Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!