{"id":121828,"date":"2025-10-14T17:18:10","date_gmt":"2025-10-14T17:18:10","guid":{"rendered":"https:\/\/www.europesays.com\/ie\/121828\/"},"modified":"2025-10-14T17:18:10","modified_gmt":"2025-10-14T17:18:10","slug":"satellites-are-leaking-private-messages-and-sensitive-military-data","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/ie\/121828\/","title":{"rendered":"Satellites are leaking private messages and sensitive military data"},"content":{"rendered":"<p>A new study by researchers at the University of California, San Diego (UCSD), and the University of Maryland (UMD) has revealed that a vast portion of global satellite communications, including personal, corporate, and even military data, is being broadcast unencrypted and can be intercepted using less than $800 in off-the-shelf equipment.<\/p>\n<p>The team\u2019s three-year investigation found that roughly half of all geostationary satellite signals are left vulnerable to eavesdropping. Using a small satellite receiver system set up on the roof of a UCSD building in San Diego, the researchers collected thousands of sensitive communications that were never intended to be public.<\/p>\n<p>\u201cWe were shocked,\u201d said Aaron Schulman, a UCSD professor who co-led the research, in an interview with Wired. \u201cSome critical pieces of our infrastructure rely on this satellite ecosystem, and our suspicion was that it would all be encrypted. And just time and time again, every time we found something new, it wasn\u2019t.\u201d<\/p>\n<p>The team\u2019s findings will be presented at a Taiwan Association for Computing Machinery conference under the paper \u201cDon\u2019t Look Up.\u201d The title, a nod to the 2021 film, reflects what the researchers describe as the apparent security strategy of the satellite communications industry\u2014assuming that no one would ever look up to check. \u201cThey assumed that no one was ever going to check and scan all these satellites and see what was out there,\u201d Schulman said. \u201cThat was their method of security. They really didn\u2019t think anyone would look up.\u201d<\/p>\n<p>A sky full of leaks<\/p>\n<p>The UCSD and UMD team built a satellite receiver system using widely available parts for their research. A $185 satellite dish, a $140 roof mount with a $195 motor, and a $230 tuner card. They intercepted a stream of unprotected signals by aiming the dish at various geosynchronous satellites visible from their location.\u00a0<\/p>\n<p>Over time, they gathered a trove of private communications, including samples of Americans\u2019 calls and texts on T-Mobile\u2019s network, in-flight Wi-Fi browsing data from airline passengers, internal messages from electric utilities and offshore oil and gas platforms, and even communications belonging to the US and Mexican militaries.<\/p>\n<p>These signals, the researchers explained, are continuously broadcast to vast areas of the Earth, often covering over 40 percent of the planet at any given moment. \u201cThese signals are just being broadcast to over 40 percent of the Earth at any point in time,\u201d said one of the researchers, James Levin, in the <a href=\"https:\/\/www.wired.com\/story\/satellites-are-leaking-the-worlds-secrets-calls-texts-military-and-corporate-data\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">detailed Wired investigation<\/a>.<\/p>\n<p>Much of the data exposure stemmed from how telecom companies use <a href=\"https:\/\/interestingengineering.com\/space\/spacex-starlink-satellites-deorbit-earth\" target=\"_blank\" rel=\"dofollow noopener\">satellites<\/a> to connect remote cellular towers to their core networks, a process known as \u201cbackhaul.\u201d Some towers in remote deserts or mountainous regions send data through satellites, and anyone within the satellite\u2019s coverage area can potentially intercept those signals. This allowed the researchers to capture unencrypted backhaul data from carriers, including T-Mobile, AT&amp;T Mexico, and Telmex.<\/p>\n<p>The researchers did not actively intercept communications but only passively listened to what was being transmitted. However, the ease with which they obtained sensitive information exposes a major security lapse in the global satellite infrastructure.<\/p>\n<p>Military and infrastructure data exposed<\/p>\n<p>Among the most alarming findings were unencrypted military and law enforcement communications. The team detected unprotected internet traffic from US military sea vessels, including ship names and identifiers. The situation was even worse for Mexican military and law enforcement agencies, whose exposed communications included intelligence reports on narcotics trafficking, maintenance records for aircraft such as Mil Mi-17 and <a href=\"https:\/\/interestingengineering.com\/videos\/uh-60-black-hawk-sikorskys-masterpiece\" target=\"_blank\" rel=\"dofollow noopener\">UH-60 Black Hawk<\/a> helicopters, and real-time location data for personnel and equipment.<\/p>\n<p>\u201cWhen we started seeing military helicopters, it wasn\u2019t necessarily the sheer volume of data, but the extreme sensitivity of that data that concerned us,\u201d Schulman told Wired.<\/p>\n<p>The researchers also uncovered unprotected data from critical infrastructure systems. Mexico\u2019s state-owned electric utility, Comisi\u00f3n Federal de Electricidad (CFE), which has about 50 million customers, was found to be transmitting internal communications in plain text, including customer information, work orders, and safety reports. In some cases, industrial control systems in the United States were also found to send unencrypted operational data via satellite, prompting warnings from the researchers.<\/p>\n<p>During follow-up calls with affected organizations, some infrastructure operators feared that unencrypted satellite communications could be exploited to surveil or disrupt facility operations.<\/p>\n<p>While many companies moved quickly to secure their systems after being notified, including Walmart, which encrypted its satellite communications, others, particularly certain US critical infrastructure operators, have yet to take action.<\/p>\n<p>A global blind spot<\/p>\n<p>Due to the limited field of view and satellite orientations, the researchers estimate that their San Diego setup captured only about 15 percent of all geostationary satellite signals in operation. That small sample, however, revealed massive amounts of unprotected data, implying that far more may still be exposed worldwide.<\/p>\n<p>Matt Green, a computer science professor at Johns Hopkins University who reviewed the study, told Wired that the scope of the vulnerability is staggering. \u201cIt\u2019s crazy. The fact that this much data is going over satellites that anyone can pick up with an antenna is just incredible,\u201d he said. \u201cThis paper will fix a small part of the problem, but I think much will not change.\u201d<\/p>\n<p>Given how inexpensive and accessible the required equipment is, the findings raise concerns that others, including foreign intelligence agencies, could already exploit these vulnerabilities. The researchers themselves acknowledged this likelihood.\u00a0<\/p>\n<p>\u201cThere\u2019s little doubt,\u201d Schulman said, \u201cthat intelligence agencies with vastly superior satellite receiver hardware have been analyzing the same unencrypted data for years.\u201d The team hopes their work will pressure private companies and governments to adopt stronger <a href=\"https:\/\/interestingengineering.com\/science\/china-military-encryption-hacking-quantum-system\" target=\"_blank\" rel=\"dofollow noopener\">encryption<\/a> measures. \u201cAs long as we\u2019re on the side of finding things that are insecure and securing them, we feel very good about it,\u201d Schulman told Wired. For now, the message from the researchers is clear. It\u2019s time to look up, because someone already is.<\/p>\n","protected":false},"excerpt":{"rendered":"A new study by researchers at the University of California, San Diego (UCSD), and the University of Maryland&hellip;\n","protected":false},"author":2,"featured_media":121829,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[270],"tags":[12280,982,2594,3600,11015,35367,18,39160,19,3113,285,17,26322,74242,1218,824,3021,133,451,5189],"class_list":{"0":"post-121828","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-space","8":"tag-communication","9":"tag-cybersecurity","10":"tag-data","11":"tag-data-breach","12":"tag-data-privacy","13":"tag-data-transmission","14":"tag-eire","15":"tag-encryption","16":"tag-ie","17":"tag-intelligence","18":"tag-internet","19":"tag-ireland","20":"tag-leak","21":"tag-military-data","22":"tag-network","23":"tag-privacy","24":"tag-satellite","25":"tag-science","26":"tag-space","27":"tag-surveillance"},"share_on_mastodon":{"url":"","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/posts\/121828","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/comments?post=121828"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/posts\/121828\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/media\/121829"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/media?parent=121828"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/categories?post=121828"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/tags?post=121828"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}