Security experts have found that up to 50% of geostationary satellites orbiting Earth are transmitting sensitive information from consumers, businesses, and the military without encryption, leaving this data vulnerable to interception.
Researchers from UC San Diego and the University of Maryland invested $800 in a commercially available satellite receiver and monitored signals for three years. During this period, they intercepted large volumes of unprotected data sent to and from space, such as private phone conversations, text messages, and internet activity from airline Wi-Fi networks.
Wired, the first to report on the study, noted that the unencrypted transmissions also involved communications among essential infrastructure operators, including those in the energy and water sectors, as well as offshore oil and gas facilities.
Over the last year, the researchers have notified the impacted entities, such as T-Mobile and AT&T’s Mexican network, which responded by implementing encryption to secure their data against future interception.
However, the researchers caution that some organizations, including key infrastructure providers, have yet to address their data vulnerabilities, and significant amounts of satellite data are likely to remain exposed for years ahead.
