The biggest and most immediate threat to space systems isn’t anti-satellite weaponry; it’s hacking.

In October 2025, a group of computer scientists from the University of California, San Diego and the University of Maryland undertook a study to eavesdrop on geostationary satellites in orbit. Expecting to find some flaws in space systems during their scanning of internet traffic, they instead intercepted vast quantities of private and potentially sensitive communications. Some of these were from government and military sources.

In August 2025, German researchers at a Black Hat computer security conference in Las Vegas demonstrated how software and encryption libraries used by NASA and Airbus could be exploited to shut down, move or crash the flight software of a satellite. Additional software flaws in open source app OpenC3 Cosmos were found to allow remote code execution (where arbitrary codes are run on a target system from a remote location) and cross-site scripting attacks (where malicious scripts are injected into a trusted website) on ground stations.

States don’t need to shoot down satellites to make them unusable. For example, in late 1997, a Russian hacker gained access to the servers that controlled the German–British–American x-ray observatory, RoSAT. In 1998, the satellite was irreparably damaged when its x-ray imager pointed towards the sun. It’s speculated that this was the result of the hacker changing a code for RoSAT’s attitude-control system, responsible for controlling orientation.

Getting into satellite transmissions and software is cheap. Where kinetic attacks are high-risk and visible, cyber operations probe quietly, often undetected. Hackers can gain access, degrade performance, steal data or hold a capability at risk without firing a shot. Cyber operations can be dialled up or down, used repeatedly and plausibly denied. In a contest where signalling and coercion matter, that flexibility is important.

In short, cyber operations support an environment where grey-zone pressure can be applied, and without repercussions, while advancing strategic interests.

Several structural factors expose space systems to hacking. Ageing and legacy hardware stays in service for years, often decades—well beyond the patch cycles we take for granted in other critical infrastructure. Operators can have limited ability to update or replace software once a satellite is on orbit, and even ground segments can be constrained by uptime requirements, bespoke systems and complex vendor dependencies.

On top of that, space systems face unavoidable security–performance trade-offs: limited onboard computing, memory and bandwidth; intermittent connectivity; and a harsh environment where reliability is paramount. In practice, those constraints create exactly the kind of uneven defensive surface that sophisticated attackers look for.

Why are space systems particularly exposed?

First, lifecycle and patching. Satellites are designed for longevity, not rapid refresh. Components may be selected years before launch. Once on orbit, there is no technician with a USB stick. Some updates are possible, but they are operationally risky and sometimes technically constrained. Meanwhile, attackers iterate quickly.

Second, bespoke architecture. Space systems often use special-purpose hardware and software to meet real-time requirements and survive radiation, vibration and other stresses. That specialisation can mean fewer mature security tools, fewer hardened defaults and fewer defenders with hands-on familiarity. Security best-practice from enterprise IT doesn’t always map neatly onto space mission realities.

Third, mission trade-offs. The more constrained the platform, the more likely it is that security competes with performance, cost and schedule. That’s not unique to space, but space magnifies it.

For determined adversaries, that combination can make space systems low-hanging fruit: high-value targets with uneven protections, complex supply chains and the promise of strategic leverage.

Australia is poorly prepared for this. Threat-information sharing for space is often shallow, redundancy and substitution of assets are thin and skills shortages of specified space cybersecurity personnel harm project needs. Meanwhile, software dependencies and supply chain vulnerabilities require ongoing visibility and transparency from a sector that must often make clear trade-offs between cybersecurity and project security due to cost outlays. These are just a few of the limitations researchers from RMIT’s Centre for Cyber Security Research and Innovation unpacked in an October 2025 report sponsored by the Department of Defence.

If Australia is to properly exploit the space market, an honest discussion about these limitations is needed. In getting ahead, there are several steps the government can take to deepen protections.

First, treat space as critical infrastructure in practice, not just rhetoric. Where space systems support essential services—such as communications, timing, emergency response, defence support and resource operations—the government should use existing frameworks to lift baseline cyber expectations and incident reporting.

Second, build a space infrastructure resilience plan. Australia needs clear standards and guidance tailored to space realities. These should cover encryption of links where feasible, secure-by-design mission software, segmented ground systems, identity and access controls for command paths, and tested recovery procedures. Resilience matters as much as prevention: the goal is to maintain service, restore quickly and deny an adversary strategic effect.

Third, invest in people. Australia should create career pathways that produce space–cyber specialists—through universities, technical education institutions, cadetships and joint industry placements—so that capability grows alongside the sector. This is a workforce problem as much as a technology problem.

Addressing the challenges won’t just ensure Australia is ready for space; it will put the nation on a path toward space ascendency.