This post is also available in:
עברית (Hebrew)
A recent academic study has uncovered a major vulnerability in satellite communications: vast amounts of sensitive data—including military and industrial information—are being broadcast unencrypted and can be intercepted using equipment worth under $800.
The research, conducted by teams from the University of California, San Diego and the University of Maryland, demonstrates that satellite links used in remote communications are often left unsecured. According to Wired, using commercially available gear—a satellite dish, motor, roof mount, and tuner card—the researchers set up a basic ground station on a campus rooftop and began capturing real-time satellite traffic with ease.
They focused on geostationary satellites that relay data over wide areas, including regions without access to terrestrial infrastructure. These satellites are widely used by telecom providers to link isolated cell towers, offshore platforms, and aircraft in flight. The assumption has long been that such links are encrypted—but the research found that roughly half of the transmissions were not.
Over a three-year period, the researchers intercepted a wide range of unprotected data. This included text messages and voice calls routed via providers like T-Mobile USA, Telmex, and AT&T Mexico. In-flight internet activity, internal communications from energy utilities, and even transmissions linked to military systems were also captured.
Among the more alarming findings were real-time location data and identifiers from U.S. Navy vessels, as well as military intelligence traffic from Mexico. Transmissions from Mexico’s national electric utility, the Comisión Federal de Electricidad, were also picked up, revealing customer information and operational messages. Some U.S.-based industrial control systems were found transmitting unencrypted commands over satellite links.
The underlying issue lies in the assumption that satellite relays are inherently secure or obscure, which this research clearly disproves. The exposed data is vulnerable to interception by anyone with line-of-sight to the satellite’s footprint—potentially covering up to 40% of the Earth’s surface.
The researchers suggest that unless encryption becomes standard in satellite-linked infrastructure, the risks to national security and critical services will persist.
