7-minute read | 1,000 words
Subscribe to the newsletter to receive this issue in your inbox every Sunday.
Securing satellites already in space, with journalist Shaun Waterman.
Host Maria Varmazis and Shaun Waterman, an award-winning cybersecurity, space, and emerging technology journalist, sat down to discuss his recent article, “The Newest Space Race is Cyber.” The two focus on his recent coverage and open-source research into the federal government’s growing push to expand space-cyber capabilities and move beyond using indicators of behavior to determine attacks.
Subscribe and listen to the conversation now.
The space-cyber gap.
This week on T-Minus: Space-Cyber Briefing: we dive deeper into Shaun Waterman’s recent article into recently launched initiatives that aim to bolster the US’s cyber-space capabilities, including the Department of Homeland Security’s research to better repel hostile cyber activities for onboard software.
Does this newsletter spark questions for you? Write to us at space@n2k.com to guide how we’ll continue to explore how the US federal government has expanded its space-cyber capabilities in future podcast episodes and newsletter issues.
From ground security to orbital exposure.
For years, space cybersecurity focused primarily on protecting ground stations, cloud infrastructure, and communication links. Advances through network security and encryption helped harden these pathways, but the spacecraft themselves were largely assumed to be out of reach once deployed.
While researchers repeatedly demonstrated that satellites could be vulnerable to cyberattacks, operators had few tools to detect or respond to compromises after a spacecraft was launched. In effect, cybersecurity largely stopped at the edge of the atmosphere.
That assumption is now being challenged.
In his article “The Newest Space Race is Cyber,” Shaun Waterman examines a growing push by government agencies and industry organizations to develop orbital cybersecurity capabilities. Among the most prominent efforts is a Department of Homeland Security (DHS) and Aerospace Corporation initiative aimed at testing new spacecraft detection tools through an open-source development model. The program’s goal is not to just improve defensive capabilities, but to address the fundamental visibility problem.
As Ernst Wong, a technical lead within DHS’s Science and Technology Division noted, many existing detection capabilities rely solely on telemetry data. However, telemetry data alone misses a large portion of potential cyberattacks, creating a significant visibility gap for operators. This effort is reflective of the emerging concerns across both the government and industry that ignoring orbital cyber threats is no longer feasible.
As satellites become increasingly software-defined, interconnected, and critical, operators are having to explore new ways to deploy defensive capabilities.
Moving beyond just detecting.
Closing the detection gap is a critical first step for improving space cyber defenses, but many organizations are looking beyond just improving detection. Alongside these efforts, many are working on advancements that would allow new defense capabilities to be deployed directly onto satellites already in orbit.
One example highlighted by Waterman is Deloitte's Silent Shield program. Rather than solely focusing on ground-based defenses, this program is designed to provide intrusion detection capabilities onboard software-defined satellites. Deloitte has already tested these technologies on a small constellation of satellites and is exploring how these tools can be remotely updated after launch.
This over-the-air update capability is key. These new advancements would shift cybersecurity from a launch-time constraint to an iterative lifecycle process, alongside allowing already deployed satellites that were never designed with modern security standards to be upgraded in orbit.
The changing satellite landscape.
Unlike traditional IT environments, satellites often rely on highly customized hardware and software. As Waterman notes, the space sector lacks the extensive databases of known vulnerabilities and indicators of compromise (IOC) that cybersecurity teams regularly use on Earth. In traditional networks, defenders rely on known malware signatures, malicious IP addresses, or known exploits. However, space systems operate under very different conditions.
Since many satellites use proprietary technologies and highly-specialized architectures, operators have far fewer known indicators to monitor. This dynamic results in many emerging space cybersecurity efforts focusing on indicators of behavior (IOB) instead. Rather than looking for evidence of an exploit, operators focus on odd patterns, such as unexpected signals or platform movement, creating one of the industry’s biggest obstacles for effective cybersecurity management.
While IOCs can provide a definitive signal that an attack has occurred, IOBs are inherently more probabilistic. Unusual behavior may indicate a cyber intrusion, but it could also be the result of a malfunction or anomaly. As organizations continue to develop orbital cybersecurity capabilities, improving their ability to interpret and trust these behavioral signals may become just as important as detecting the threat itself.
As governments and commercial operators launch larger constellations and increasingly rely on software-defined satellites, the need for effective on-orbit cybersecurity capabilities will only grow. While researchers have spent years demonstrating that satellites can be hacked, the next phase of space cybersecurity may ultimately be defined by the industry’s ability to detect, respond to, and recover from attacks once they occur. Closing the visibility gap in orbit may prove just as important as preventing the intrusion itself.
This week’s space-cyber headlines.
The news stories we’re reading and thinking about this week.
The backup was always a clock.
- Growing GPS jamming and spoofing threats are exposing the risks of relying on a single source of positioning, navigation, and timing data.
- Governments and industry are pursuing alternatives such as quantum clocks, terrestrial timing networks, and new constellations, though no comprehensive replacement exists yet.
June 10, 2026 | Source: A Discipline of Seeing
Applied Atomics emerges from stealth with more than $500 million to build the Star Reacher Network.
- Applied Atomics’ Star Reacher Network is a mobility infrastructure layer for post-launch space operations looking to overcome the common tradeoff between speed and efficiency for space operations.
- The company has already successfully completed a launch, executing the Give Me Some Space mission for the UK with another demonstration planned.
June 10, 2026 | Source: Yahoo Finance