Posted on 10/14/2025 11:14:36 AM PDT by Red Badger
UCSD and UMD researchers found that many satellites are transmitting sensitive data, without encryption, to anyone with an antenna.
Anew study by researchers at the University of California, San Diego (UCSD), and the University of Maryland (UMD) has revealed that a vast portion of global satellite communications, including personal, corporate, and even military data, is being broadcast unencrypted and can be intercepted using less than $800 in off-the-shelf equipment.
The team’s three-year investigation found that roughly half of all geostationary satellite signals are left vulnerable to eavesdropping. Using a small satellite receiver system set up on the roof of a UCSD building in San Diego, the researchers collected thousands of sensitive communications that were never intended to be public.
“We were shocked,” said Aaron Schulman, a UCSD professor who co-led the research, in an interview with Wired. “Some critical pieces of our infrastructure rely on this satellite ecosystem, and our suspicion was that it would all be encrypted. And just time and time again, every time we found something new, it wasn’t.”
The team’s findings will be presented at a Taiwan Association for Computing Machinery conference under the paper “Don’t Look Up.” The title, a nod to the 2021 film, reflects what the researchers describe as the apparent security strategy of the satellite communications industry—assuming that no one would ever look up to check. “They assumed that no one was ever going to check and scan all these satellites and see what was out there,” Schulman said. “That was their method of security. They really didn’t think anyone would look up.”
A sky full of leaks
The UCSD and UMD team built a satellite receiver system using widely available parts for their research. A $185 satellite dish, a $140 roof mount with a $195 motor, and a $230 tuner card. They intercepted a stream of unprotected signals by aiming the dish at various geosynchronous satellites visible from their location.
Over time, they gathered a trove of private communications, including samples of Americans’ calls and texts on T-Mobile’s network, in-flight Wi-Fi browsing data from airline passengers, internal messages from electric utilities and offshore oil and gas platforms, and even communications belonging to the US and Mexican militaries.
These signals, the researchers explained, are continuously broadcast to vast areas of the Earth, often covering over 40 percent of the planet at any given moment. “These signals are just being broadcast to over 40 percent of the Earth at any point in time,” said one of the researchers, James Levin, in the detailed Wired investigation.
Much of the data exposure stemmed from how telecom companies use satellites to connect remote cellular towers to their core networks, a process known as “backhaul.” Some towers in remote deserts or mountainous regions send data through satellites, and anyone within the satellite’s coverage area can potentially intercept those signals. This allowed the researchers to capture unencrypted backhaul data from carriers, including T-Mobile, AT&T Mexico, and Telmex.
The researchers did not actively intercept communications but only passively listened to what was being transmitted. However, the ease with which they obtained sensitive information exposes a major security lapse in the global satellite infrastructure.
Military and infrastructure data exposed
Among the most alarming findings were unencrypted military and law enforcement communications. The team detected unprotected internet traffic from US military sea vessels, including ship names and identifiers. The situation was even worse for Mexican military and law enforcement agencies, whose exposed communications included intelligence reports on narcotics trafficking, maintenance records for aircraft such as Mil Mi-17 and UH-60 Black Hawk helicopters, and real-time location data for personnel and equipment.
“When we started seeing military helicopters, it wasn’t necessarily the sheer volume of data, but the extreme sensitivity of that data that concerned us,” Schulman told Wired.
The researchers also uncovered unprotected data from critical infrastructure systems. Mexico’s state-owned electric utility, Comisión Federal de Electricidad (CFE), which has about 50 million customers, was found to be transmitting internal communications in plain text, including customer information, work orders, and safety reports. In some cases, industrial control systems in the United States were also found to send unencrypted operational data via satellite, prompting warnings from the researchers.
During follow-up calls with affected organizations, some infrastructure operators feared that unencrypted satellite communications could be exploited to surveil or disrupt facility operations.
While many companies moved quickly to secure their systems after being notified, including Walmart, which encrypted its satellite communications, others, particularly certain US critical infrastructure operators, have yet to take action.
A global blind spot
Due to the limited field of view and satellite orientations, the researchers estimate that their San Diego setup captured only about 15 percent of all geostationary satellite signals in operation. That small sample, however, revealed massive amounts of unprotected data, implying that far more may still be exposed worldwide.
Matt Green, a computer science professor at Johns Hopkins University who reviewed the study, told Wired that the scope of the vulnerability is staggering. “It’s crazy. The fact that this much data is going over satellites that anyone can pick up with an antenna is just incredible,” he said. “This paper will fix a small part of the problem, but I think much will not change.”
Given how inexpensive and accessible the required equipment is, the findings raise concerns that others, including foreign intelligence agencies, could already exploit these vulnerabilities. The researchers themselves acknowledged this likelihood.
“There’s little doubt,” Schulman said, “that intelligence agencies with vastly superior satellite receiver hardware have been analyzing the same unencrypted data for years.” The team hopes their work will pressure private companies and governments to adopt stronger encryption measures. “As long as we’re on the side of finding things that are insecure and securing them, we feel very good about it,” Schulman told Wired. For now, the message from the researchers is clear. It’s time to look up, because someone already is.
==========================================================================
ABOUT THE AUTHOR
Kaif Shaikh Kaif Shaikh is a journalist and writer passionate about turning complex information into clear, impactful stories. His writing covers technology, sustainability, geopolitics, and occasionally fiction. A graduate in Journalism and Mass Communication, his work has appeared in the Times of India and beyond. After a near-fatal experience, Kaif began seeing both stories and silences differently. Outside work, he juggles far too many projects and passions, but always makes time to read, reflect, and hold onto the thread of wonder.
|
Click here: to donate by Credit Card Or here: to donate by PayPal Or by mail to: Free Republic, LLC - PO Box 9771 - Fresno, CA 93794 Thank you very much and God bless you. |
Communications companies never indicated that they secure your data. That is YOUR job, especially for something like The Pentagon.
LORD have mercy!
It’s intentional
does HilLIARy happen to own any communications satellites?
just wondering
The water condenser is out on AF.
Perhaps this explains the in-person meeting with the 800+ generals.
No freshwater on Midway Island.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.