Cyber security in the skies – protecting satellites from attack

Date Published: August, 12, 2021

The resurgence of the satellite industry in recent years has led to entire constellations of satellites orbiting our skies. With the number of connected devices worldwide due to hit 50 billion by 2030, connectivity requirements are soaring, and the use of satellites is helping to meet this insatiable demand. From providing geolocation capabilities and enabling logistics and navigation, to supporting next generation technologies through 5G backhaul, satellites are proving to be a vital component in the modern connectivity ecosystem.

This does, however, raise the stakes when it comes to preventing attacks. Hackers hoping to compromise sensitive information now have more targets for potential infiltration. Thanks to the personal nature of numerous connected devices, such as those in our homes and wearable technology, hacks could lead to the leakage of sensitive data. For this reason, security must remain at the forefront of satellite design, to ensure spaced-based assets do not become easy pickings for hackers on the ground.

Entire satellite constellations

Satellites are of course far from new technology and have been meeting connectivity needs for decades. This being said, stringent, modern connectivity requirements mean we are seeing more satellites than ever orbiting our Earth. As time goes on, satellites are becoming cheaper to produce, so utilizing them has become more cost effective for organizations. According to BBC research, in the few decades that we have been launching satellites, the cost of building and launching just one has been reduced by hundreds of millions of dollars.

In the past, those living or working in rural locations, such as cruise ships and oil rigs out at sea, would not have been able to connect to the internet. This is no longer the case, as Low Earth Orbit (LEO) satellites now provide reliable connectivity to even the most remote areas. Occupying a low latitude between 500km and 1,600km above the Earth’s surface, LEO satellites can provide very quick data transmission to locations far out of range of terrestrial networks. Thanks to the falling cost of launching satellites, especially into low Earth orbit, this is much more cost effective than extending terrestrial networks over large distances to provide the necessary connectivity. Since satellite security solutions must be affordable to be widely adopted, this falling cost means they are becoming much more accessible.

While those launching satellites are focused on providing connectivity to meet the expectations of consumers, the security of these satellites and the data they carry cannot be forgotten. As well as posing as a security risk themselves, when it comes to creating a safe and secure connected experience on the ground, satellites will have a major part to play in security considerations that need to be made in real time.

A target for hackers

As satellite technology has advanced, so has the capabilities of cyberattacks. There was a time where satellites were difficult to compromise, but as hackers have become more sophisticated and methods of infiltration have developed, this is no longer the case. Now, anyone can aim an antenna at a satellite and communicate with it, so it is critical that a level of trust is established between the device on Earth, and the satellite itself.

A key issue facing many organizations is the legacy satellite equipment that they are still relying on. This is not always simple to update, due to the rigorous testing required to ensure upgrades do not interfere with key functions. Old IT equipment with outdated encryption is prime real-estate for eager-eyed hackers.

The number of Earth station points and the size and scope of the satellite ecosystem means that if a hacker can access a single device in the chain, they can potentially manipulate an entire system of devices. With so many aspects of our lives connected, the rise in IoT devices increases the points of potential cyberattacks. Once compromised, that same abundance of connected devices means there is potential for a substantial, even more devastating impact.  The fallout can not only cause financial losses and difficulty to gain back control but can also have legal implications due to breaching data protection laws. With governments, military and healthcare organisations transmitting huge amounts of sensitive data every day, there is no place for a casual approach to satellite security.

Cyber resilience for satellites

Along with the advancement of satellite communications, has come the innovation of technology to help ensure security. It is not just the devices themselves that need to be protected, but every stage of data transmission. Network security infrastructure enables data from a device to be authenticated before it is sent to a satellite, acting as a firewall before a transmission even leaves Earth. If authentication is unsuccessful, the satellite will ignore the signal, blocking hackers from reaching the satellite. By ensuring that communicating devices meet compliance requirements, and having access control and providing orchestration, data is protected during its journey across the entire connected ecosystem.

Trusted computing technology, such as the standards developed by TCG, ensure trustworthiness of devices, device identity and security validity. An example of a security solution is a root of trust, a component within a device which remains trusted throughout its entire lifetime. By undergoing in-depth security validation, they form the foundation of a device and secure it for a defined range of applications. For the abundance of IoT devices that already exist, as well as the thousands that are ready to enter the market, a root of trust is vital for the demonstration of trustworthiness.

Security-first approach

Cyber resilience for satellites is vital if companies are to meet the growing data demands while avoiding the significant damages that come from a cyberattack.

To ensure satellites and the data they transmit are protected, the implementation of real-time security solutions, like those provided by TCG, is essential. Due to the speed hackers are able to operate at, any significant delay could give them time to infiltrate and get out before anything can be done – even if that delay is just a few seconds. Real-time security solutions stop hackers in their tracks, preventing the loss of data and keeping satellites secure.


Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.

Join Now

Trusted Computing

Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.

Read more


Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.

Read More