Security researchers have discovered that as many as half of all geostationary satellites in Earth’s orbit are carrying unencrypted sensitive consumer, corporate, and military information, making this data wide open to eavesdropping.
The researchers at UC San Diego and the University of Maryland spent $800 on an off-the-shelf satellite receiver and pointed it at the sky for three years. They found reams of unencrypted data beaming to and from space, including people’s private voice calls and text messages, and consumer internet traffic from in-flight Wi-Fi services.
The unencrypted data also included communications between critical infrastructure systems, such as energy and water suppliers, and off-shore oil and gas platforms, according to Wired, which first published the researchers’ findings.
The researchers spent the past year alerting affected organizations to the exposure, including T-Mobile and AT&T’s network in Mexico, which began encrypting their data soon after to prevent future eavesdropping.
But the researchers warn that not everyone has remediated their own exposed data, including some critical infrastructure providers, and that large amounts of satellite data will be exposed for some years to come.
