Satellite operators have long treated cybersecurity as secondary to mission performance, leaving a growing orbital population — now numbering in the thousands — with protection measures that were never designed to withstand modern threats.
According to the report, researchers at Estonia’s CR14 cybersecurity center warn that AI-enabled attacks on satellites could materialize within two years, a timeline driven by the rapid maturation of so-called agentic AI: autonomous systems built on Large Language Models that can independently plan and execute multi-step tasks without human direction.
Kristján Keskküla, CR14‘s Head of Space Cyber Range, put the concern plainly: “AI is developing quite quickly right now. The real problem now is that AI can act, take decisions, analyze things and come up with new exploits.”
The specific risk is not a vague disruption — it is a kinetic one. Researchers say a successful hijacking of satellite command systems could cause spacecraft to alter orbits and collide with other objects, potentially initiating a cascade of debris that renders certain orbital altitudes unusable for years. Cybersecurity researchers are already deploying AI to find zero-day vulnerabilities — previously unknown flaws in code — so operators can patch them before adversaries strike. The same capability, turned offensive, compresses the window between vulnerability discovery and exploitation to a fraction of what it once was.
State-sponsored actors have already moved in this direction. Clémence Poirier, a cybersecurity researcher at ETH Zurich, notes that in 2024, OpenAI and Microsoft disclosed that the Russian threat actor known as Fancy Bear had used LLMs to research satellite communications, radar systems, and related space technologies — work consistent with reconnaissance ahead of potential operations. “The time to exploit known vulnerabilities has been immensely reduced because of AI,” Poirier said.
The barrier to entry has dropped sharply.
Andrzej Olchawa, a space cybersecurity engineer at VisionSpace, explains that understanding spacecraft operations once demanded years of specialized study across thousands of pages of technical documentation. LLMs now allow actors with no background in the field to process that material rapidly and generate functional tools. “Interpreting telemetry and telecommand structures once required extensive study of thousands of technical pages,” Olchawa said. “Today, one can simply instruct an LLM to generate parsers and provide mission-specific context with minimal expertise.”
This capability gap lands at a particularly exposed moment. Many satellites currently in orbit were built and launched before cybersecurity was treated as an engineering requirement at all. Keskküla notes that numerous older operational satellites carry no cyber protection systems, making them straightforward targets. The industry has only recently begun addressing these structural deficiencies — and the window for doing so quietly, without adversarial pressure, may already be closing.
This article is a curated summary based on third-party sources. Source: Read the original article
