It sounds like the premise of a high-tech thriller, but the reality is even more unsettling: for years, a torrent of sensitive data—including private phone calls, corporate secrets, and even military operations—has been streaming down from the skies, wide open for anyone with a modest budget and a bit of curiosity. On October 14, 2025, researchers from the University of California, San Diego (UCSD), and the University of Maryland (UMD) unveiled the results of a three-year investigation that exposes gaping vulnerabilities in global satellite communications. Their findings, presented at the Annual Computer Security Applications Conference and an Association for Computing Machinery conference in Taiwan, have sent shockwaves through the cybersecurity world, telecommunications industry, and even military circles.
Armed with nothing more sophisticated than an $800 collection of off-the-shelf parts—a $185 satellite dish, a $140 roof mount with a $195 motor, and a $230 tuner card—the research team set up shop atop a UCSD building in San Diego’s La Jolla neighborhood. Over the course of three years, they simply pointed their dish at the sky and listened. What they found was, in a word, staggering. According to Wired, “nearly half of all the communications being beamed down from satellites were completely unencrypted.”
The researchers were able to intercept thousands of sensitive communications, ranging from personal and corporate data to military and law enforcement transmissions. Among the intercepted material were private T-Mobile phone calls and texts, in-flight Wi-Fi data from commercial airlines, and even critical commands for power grids and offshore oil platforms. They also picked up military and police communications, which, shockingly, included details about troop locations and mission specifics. As UCSD professor Aaron Schulman, who co-led the research, put it, “It just completely shocked us. There are some really critical pieces of our infrastructure relying on this satellite ecosystem, and our suspicion was that it would all be encrypted. And just time and time again, every time we found something new, it wasn't.”
The scope of the problem is immense. The team estimates they only managed to observe about 15 percent of all satellite traffic, suggesting that the real scale of unprotected data floating through the ether is far greater. According to the study, roughly half of all geostationary satellite signals are vulnerable to eavesdropping. And the barrier to entry? Incredibly low. Matt Blaze, a computer scientist and cryptographer at Georgetown University, told Wired, “This was not NSA-level resources. This was DirecTV-user-level resources. The barrier to entry for this sort of attack is extremely low.”
Why does this matter to the average person? Because satellite links are the hidden backbone for much of the world’s communications infrastructure. Your phone call from a remote area, your texts, or even the Wi-Fi you use on an airplane might be routed through these satellites. If those links aren’t encrypted, your data is, quite literally, up for grabs. The implications go beyond personal privacy: hackers could potentially use these vulnerabilities to create fake cell towers, tricking devices into connecting and exposing even more sensitive information. It’s a national security risk and a personal privacy nightmare rolled into one.
The research also revealed that some of the most sensitive communications—those involving critical infrastructure and military operations—were among the least protected. The team intercepted unencrypted communications from US military vessels, including ship names and internet traffic, as well as even more sensitive details from Mexican military and law enforcement. These included asset tracking, maintenance records, and mission details for helicopters, sea vessels, and armored vehicles. In some cases, the researchers even picked up intelligence related to narcotics trafficking.
It wasn’t just military and government data at risk. The researchers found that the Comisión Federal de Electricidad (CFE), Mexico’s state-owned electric utility, was transmitting internal communications in the clear. These included work orders with customer names and addresses, as well as discussions about equipment failures and safety hazards. Corporate emails, inventory records from Walmart’s Mexican subsidiary, and ATM communications from banks like Santander Mexico and Banorte were also exposed.
When the researchers began notifying affected organizations in December 2024, responses varied. T-Mobile, for example, quickly moved to encrypt its satellite transmissions. A T-Mobile spokesperson told Wired, “Last year, this research helped surface a vendor's encryption issue found in a limited number of satellite backhaul transmissions from a very small number of cell sites, which was quickly fixed.” AT&T also responded, saying a misconfiguration had affected a small number of cell towers in remote Mexico, which was promptly resolved. Other companies, however, have been slower to act, and some remain unnamed by the researchers due to ongoing concerns.
Many companies, like Panasonic Avionics Corporation and SES (the parent company of Intelsat), emphasized that they provide the tools for security but often leave the choice of encryption up to users. A spokesperson for SES explained, “For SES’s inflight customers, for example, SES provides a public Wi-Fi hot spot connection similar to the public internet available at a coffee shop or hotel. On such public networks, user traffic would be encrypted when accessing a website via HTTPS/TLS or communicating using a virtual private network.” Santander Mexico confirmed that the exposed traffic related to a small number of ATMs in remote areas and that “measures that reinforce the confidentiality of technical traffic” have since been implemented.
Despite some progress, the researchers and cybersecurity experts remain concerned. Matt Green, a computer science professor at Johns Hopkins University who reviewed the study, remarked, “It's crazy. The fact that this much data is going over satellites that anyone can pick up with an antenna is just incredible.” He added, “This paper will fix a very small part of the problem, but I think a lot of it is not going to change.”
The researchers have decided to release their open-source software tool, “Don’t Look Up,” to the public via Github, hoping to spur more organizations to take action. But they acknowledge that this could also enable less scrupulous actors to exploit the vulnerabilities. Schulman expressed confidence in their approach, stating, “As long as we’re on the side of finding things that are insecure and securing them, we feel very good about it.”
There is little doubt among experts that intelligence agencies have been aware of—and exploiting—these vulnerabilities for years. In fact, the US National Security Agency warned about the lack of encryption in satellite communications as far back as 2022. UCSD cryptography professor Nadia Heninger, another co-lead of the study, compared the revelations to those of Edward Snowden, which exposed the scale of government surveillance on global communications. “The threat model that everybody had in mind was that we need to be encrypting everything, because there are governments that are tapping undersea fiber optic cables or coercing telecom companies into letting them have access to the data,” Heninger said. “And now what we're seeing is, this same kind of data is just being broadcast to a large fraction of the planet.”
As the dust settles from these revelations, the message is clear: the era of assuming that satellite communications are inherently secure is over. With just a few hundred dollars and some determination, anyone can “look up” and find a world of secrets floating overhead—unless a global effort is made to finally lock them down.
