Satellites Spill Unencrypted Calls And Sensitive Comms

Gregory Zuckerman
By Gregory Zuckerman
Technology
8 Min Read

Security researchers have discovered a far-reaching vulnerability in hundreds of thousands, if not millions, of satellite-communication devices that would allow hackers to take control over them — and potentially take the ships or the military personnel they serve for ransom. The implications suggest a systemic, long-undiscovered vulnerability across geostationary satellite services, which are still hosting cleartext traffic high above Earth.

How The Exposure Was Revealed To Researchers

A group of researchers from UC San Diego and the University of Maryland put together about $800 worth of off-the-shelf equipment, aimed it at the sky, and collected data for three years.

Table of Contents
Satellites leaking unencrypted calls and sensitive communications via unsecured signals

Their passive eavesdropping uncovered a disturbing reality: as many as half of geostationary satellites hosted sensitive traffic with weak or no encryption at all. (That work covered consumer, corporate, and government-linked signals.) The extent of the efforts was first reported by Wired.

The researchers discreetly alerted affected organizations, including mobile carriers and satellite service providers. Some, including T-Mobile and AT&T’s network in Mexico, reportedly switched to encryption after disclosure. But many others have yet to remediate in full, and the team cautions that great swaths of satellite data will continue percolating through public internet connections for years because of long-lived equipment and deployment cycles.

The content included the voice calls and SMS made by people, as well as passenger internet sessions used on in-flight Wi‑Fi, telemetry, and business data from remote industrial installations. We also found communications for energy and water utilities, as well as offshore oil and gas platforms, shipping on the high seas, and some military that seemed more logistics than classified — although certainly sensitive from any perspective.

Geostationary satellites, because they cover such large areas with wide beams, can have thousands of devices downlinking over continents at one time. Interception is far from an exotic reconnaissance method: a tuner that works with both GNU Radio and popular SDR software combined with a satellite dish, along with freely available code, could be all you need to capture and decrypt open video streams if all protection was simply off or misconfigured.

Technical debt, pressure on costs, and the patchwork of responsibility all contribute. For satellite internet and voice, most often the return channel is the DVB‑S or DVB‑S2 family standard. These protocols do provide for scrambling and optional encryption, but they do not require or enforce end-to-end confidentiality, and the handling of keys is generally either weak or turned off. Historically, providers have worked under the assumption that their customers would layer on VPNs or application-level crypto — a fallacy in mixed environments or legacy installations.

Equipment refresh cycles are slow. It is also possible to enhance encryption — but it requires new infrastructure such as modems, firmware, or key management systems to do so on some remote terminals aboard ships, aircraft, and rigs that can run for more than a decade. Regulation only makes the issue worse: regulators such as the International Telecommunication Union are concerned exclusively with spectrum and interference, whereas confidentiality controls vary significantly among jurisdictions and are almost never implemented in a consistent manner.

Satellite over Earth with unsecured signals leaking calls and sensitive communications

Real-World Risks and Who Is Targeted by Eavesdroppers

Unciphered satellite data is a threat from prying eyes and amateur radio operators potentially competing with corporate rivals, to corporate espionage attempts or attacks against national infrastructure. A motivated hobbyist can gather sensitive information; a determined attacker can do much more. The joint advisory from CISA and the NSA in the wake of the KA‑SAT incident, however, illustrated how satellite networks are critical to emergency response, aviation, maritime, and government services — as well as how failures can ripple through follow-on connections when links fail.

It isn’t the first reality check. Academic teams at KU Leuven and elsewhere have earlier shown eavesdropping on satellite broadband traffic from embassies, ships, and energy firms that relied on lack of encryption or weakly separated traffic. The new research underlines those warnings by indicating just how widespread the issue continues to be across geostationary platforms.

Industry Response And The Long Road To Solutions

After being alerted, some operators and carriers have acted quickly to put in place link-layer encryption or require customer VPNs. But it’s a fragmented world of satellite players: private teleport operators, resellers, equipment vendors, and end customers all have a stake in it — more so in today’s competitive market — and any weak link can leave data out there for the taking. Full remediation will take years to complete, researchers say, as fleets and terminals are upgraded, contracts renegotiated, and key management systems are deployed at scale.

There is progress. More recently developed constellations often tout encryption as a default feature, while customers in defense and aerospace increasingly demand FIPS-validated cryptography, mutual authentication, and frequent key rotation. Some guidance has been issued on the security of space systems by European and U.S. agencies such as ENISA and NIST. And yet, unenforced guidance rarely closes the distance.

Link-layer encryption should be made default-on for satellite services carrying consumer or operational data: this must require strong hardware-backed keys that are automatically rotated. Providers should also quarantine clients with secure mode, turn off old cleartext protocols, and only confirm if terminals have had signed firmware pushed to them. Organizations mostly dependent on SATCOM should implement end-to-end VPNs and periodically test leakage through independent monitoring.

Procurement to the rescue: contractual requirements for modern cryptography, independent security assessments, and incident response requirements. Governments can play their part by ensuring that export and licensing regimes are complementary to requirements for confidentiality, while also extending the ambit of critical infrastructure directives to satellite backhaul.

The headline conclusion is simple and blunt: a lot of what goes over geostationary satellites can still be read by others. There is technology to fix it. The question is whether the industry and its users will act quickly enough to make interception the exception, rather than a routine fact of life.

Gregory Zuckerman
ByGregory Zuckerman
Gregory Zuckerman is a veteran investigative journalist and financial writer with decades of experience covering global markets, investment strategies, and the business personalities shaping them. His writing blends deep reporting with narrative storytelling to uncover the hidden forces behind financial trends and innovations. Over the years, Gregory’s work has earned industry recognition for bringing clarity to complex financial topics, and he continues to focus on long-form journalism that explores hedge funds, private equity, and high-stakes investing.
Latest News