A version of this story appeared in the daily Threat Status newsletter from The Washington Times. Click here to receive Threat Status delivered directly to your inbox each weekday.
Four government security agencies are warning that low-Earth orbit satellite communications, such as SpaceX’s Starlink system, are vulnerable to hostile cyber hacking operations.
A report published Wednesday by the Australian Signals Directorate, the government signals intelligence and security agency, warns that low-Earth orbit, or LEO, communications systems face an array of cyber threats to their networks.
“These networks face a range of risks,” states the report produced with the National Security Agency and security agencies in Canada and New Zealand.
The NSA said in a social media post that all organizations using satellite communications are urged to take steps to mitigate “the unique cybersecurity challenges these systems face.”
Cyberattackers can gain unauthorized access to data transmitted between satellites and ground stations or between satellites. A hacker can also manipulate telemetry, mission data or logs and steal data from compromised ground station storage systems, the report said.
The main company currently engaged in commercial satellite service is Starlink. The SpaceX company has deployed thousands of LEO satellites that provide high-speed internet service to more than 150 nations.
Attackers may exploit vulnerabilities in orbiting satellites’ command and control channels due to poor encryption and authentication, the report said.
Other dangers include signal spoofing, malware injection and memory corruption through hackers’ imposing faulty data.
“The space segment, comprising the satellites themselves, faces unique cyber threats due to its critical role in satellite communications,” the report said.
A Starlink spokesman did not immediately respond to an email request for comment.
The report did not identify nations engaged in planning cyber operations against satellites.
However, Western intelligence and cybersecurity firms have identified multiple cases of Chinese state-sponsored actors targeting satellite infrastructure.
A CIA document leaked online by an Air National Guard member in 2023 revealed that China is developing cyberweapons that can be used to “deny, exploit or hijack” enemy satellites.
The document said the capability will allow China “to seize control of a satellite, rendering it ineffective to support communications, weapons, or intelligence, surveillance, and reconnaissance systems.”
Chinese state cyber actors in an operation called Salt Typhoon in mid-2025 also targeted ViaSat, a major satellite internet provider for the U.S. government and military.
• Bill Gertz can be reached at bgertz@washingtontimes.com.
Please read our comment policy before commenting.