Gone are the days when space was the exclusive domain of the United States and the Soviet Union. With falling rocket launch costs and the miniaturization of technologies, access to orbit is no longer the privilege of a handful of superpowers. Illicit and hostile actors are beginning to probe this new operational domain. A number of early incidents have already occurred. While minor and — so far — without consequence, their mere occurrence is cause for concern. It must now be recognized: space terrorism is no longer unthinkable. Armed groups constantly seek out high-impact operations. Disrupting satellites, even civilian ones, would generate profound psychological shock, introducing a strategic rupture rarely seen in the history of conflict: the goal is no longer to kill the enemy, but to isolate and immobilize them by severing their societal lifelines.
Jordan Cohen of the Interdisciplinary Center (IDC) has defined space terrorism as “the unlawful use or threat of use of force against space infrastructure or systems, with the intent to intimidate or coerce a government or civilian population, or to pursue political, religious, or ideological objectives.” [[1]] While this definition offers a solid conceptual baseline, it should be approached with caution. As space becomes an increasingly contested domain, definitions and typologies are likely to evolve. What is already indisputable, however, is that non-state actors have expressed both intent and interest in targeting orbital infrastructure to advance political goals through violence. On this front, the warning signs are no longer theoretical.
In just two decades, space has transitioned from an exclusive geopolitical domain to a commercially driven arena shaped by market dynamics. The shift has been led by private actors like SpaceX and Blue Origin, whose pragmatic approach has reshaped access to orbit. [[2]] Beyond the advent of reusable launch vehicles, the real disruptor lies in the miniaturization of satellites. CubeSats — compact spacecraft typically weighing under 10 kilograms — now carry out missions once reserved for large, high-cost platforms such as high-resolution imaging, orbital logistics, and more.
This redefinition of what is technologically possible has lowered entry barriers and emboldened a new generation of spacefaring nations. Strategic ambition is no longer the sole preserve of traditional space powers. In 2017, the Indian Space Research Organisation (ISRO) illustrated this transformation by deploying a record-breaking 104 satellites in a single mission. Over two-thirds of them formed an Earth observation constellation, offering persistent coverage and imaging capability once monopolized by a few state militaries. [[3]] The message was clear — agility and volume can now rival mass and exclusivity in the orbital domain.
Identification of threats
We are currently witnessing the emergence of a branching architecture of threats in the space domain. The first and most accessible layer involves signal interception. Today, a structured terrorist organization could plausibly engage in passive eavesdropping on unencrypted satellite communications. With commercially available software-defined radio (SDR) devices, such as the RTL-SDR, priced under $50,[[4]] it is technically possible to capture satellite signals with only a moderate level of technical expertise. However, intercepting encrypted signals remains beyond reach unless the group benefits from insider support. For instance, the defection of a military cryptographic specialist could give terrorists access to classified protocols, decryption keys, or decoding methods. This knowledge would dramatically increase their operational capabilities. Such an organization could monitor troop movements, avoid detection during counterterrorism sweeps, or precisely time attacks against under-protected infrastructure.
Another major threat is satellite jamming, which involves emitting disruptive signals on the same frequency as a satellite to degrade or disable its function. GPS jammers, often sourced from the black market, can emit enough interference to degrade satellite-reliant systems. Airlines have already reported navigation disruptions caused by false GPS signals that led to onboard system malfunctions over northern Iraq. [[5]] Closely related is GPS spoofing, which consists of generating counterfeit satellite signals to deceive a target device. The affected system, whether a drone or an autonomous navigation module, receives fabricated coordinates, believing them to be genuine. This technique could be weaponized by terrorist groups in complex sabotage operations, such as hijacking drones or misdirecting automated maritime systems.
While technically challenging, spoofing is not out of reach for a well-resourced armed organization. All it requires is a signal generator (around $100,000), synchronized frame-generation software (estimated at $200,000), and a high level of expertise in radio-frequency and satellite navigation systems. These figures may seem prohibitive, but when compared to traditional warfare investments, they are not. While seemingly high, these costs pale in comparison to conventional armament budgets. A single TOW (Tube-launched, Optically tracked, Wire-guided) missile is a second-generation American anti-tank weapon and typically costs between $75,000 to $100,000, a standard expense in most theatres of war. Ultimately, the barrier to entry is not financial, it is human capital. Spoofing requires more in terms of technical skills than monetary investment.
The critical variable remains the human factor. If a terrorist organization manages to recruit technically trained and highly skilled personnel, operational thresholds quickly dissolve. Sophisticated tactics such as Man-in-the-Middle (MitM) attacks, where an adversary covertly intercepts and alters communications between a satellite and its ground control station, become plausible. These operations are regarded as highly complex, requiring privileged access to segments of terrestrial infrastructure, such as ground relay stations or orbital routing servers. They also demand deep expertise in cybersecurity, satellite communication protocols, and network penetration techniques. Ultimately, the weakest link in any system, however advanced or fortified, is the human operator.
Early Indicators of Space-Enabled Subversion
While recorded incidents of “space terrorism” remain rare, two early cases reveal the disruptive potential of space-based signal hijacking. In 2002, the Falun Gong movement successfully intercepted and altered the broadcast streams of 19 Chinese television channels. Using readily accessible civilian broadcasting tools, they were able to override Sinosat, the state-owned satellite, at a cost estimated between $200,000 and $400,000. State-controlled media feeds were temporarily replaced with ideological content, symbolically breaching the Chinese state’s information architecture. [[6]] This operation set a precedent. Three years later, the Sri Lankan separatist group LTTE hijacked an unused transponder on Intelsat-12 to broadcast its propaganda through the National Television of Tamileelam (NTT), establishing a persistent satellite channel outside of state control. Both cases illustrate how rudimentary but targeted disruption of orbital assets can serve as low-cost, high-impact rehearsals for future space-enabled psychological or strategic operations.[[7]]
In June 2013, India witnessed a precursor event that redefined how space infrastructure may be targeted by non-state threats. A letter discovered outside the Indian Space Research Organisation (ISRO) center in Bangalore, written in English and Urdu, warned of coordinated attacks on several strategic sites, including the national space agency. [[8]] This incident marked the first documented case of space infrastructure being explicitly named in terrorist threats in South Asia. While no group claimed responsibility and authorities suspected a hoax or act of intimidation, the episode nonetheless revealed a growing awareness among extremist actors that outer space now represents a new symbolic and operational frontier. [[9]]
An even more concerning case took place in 2018, when the American start-up Swarm Technologies illegally launched four nanosatellites, known as SpaceBEEs, without prior authorization from the Federal Communications Commission (FCC). Due to their extremely small size, the satellites were nearly undetectable by conventional radar systems. Despite the FCC’s formal denial, the company proceeded with the launch. [[10]] This regulatory bypass demonstrated that it is technically possible to insert objects into orbit without official approval. The episode exposed how malicious or clandestine payloads could potentially slip past orbital surveillance systems. A terrorist actor, benefiting from technical assistance or state sponsorship, could exploit such vulnerabilities to insert a device into geostationary orbit, potentially threatening critical assets. While U.S. regulators quickly responded and tightened oversight, the systemic issue remains. As commercial space launches multiply and jurisdictional overlap increases, so too does the surface of exposure. Governance gaps are no longer theoretical — they are operational realities. [[11]]
Compliance with procedures is all the more critical given that several terrorist groups have received support from states in recent history. What would happen if nations decided to break the very international rules they once signed and shared their orbital access capabilities with illegal actors? What kind of technological expertise would be transferred? A telling example is the February 2022 attack on the KA-SAT satellite network, a European high-throughput communications satellite providing internet access across Europe and parts of the Middle East, one of the first instances of cyber warfare conducted in parallel with a conventional ground conflict. The operation, attributed to a state actor, targeted the satellite’s ground infrastructure rather than the sattelite itself, and resulted in more than 10,000 civilian modems being taken offline. [[12]]
This incident demonstrated that a state can delegate the mission of disrupting an adversary’s infrastructure to an Advanced Persistent Threat (APT) group it supports rather than doing it itself. APTs are structured units capable of penetrating sensitive networks, including governmental or military systems. [[13]] Unlike conventional cyberattacks, an APT does not seek immediate damage, but rather aims to exfiltrate confidential data, monitor communications, or prepare acts of sabotage. These operations involve a high degree of coordination, funding, and expertise.
While none of this is officially confirmed, several APT groups are suspected of having ties to state intelligence services. Several groups categorized as APTs have been identified as possessing advanced technical capabilities and a high level of organizational structure. Open-source reporting suggests that APT28 (Fancy Bear) may have links to military entities while APT29 (Cozy Bear) is frequently associated with foreign intelligence services. APT35 (Charming Kitten) is described as benefiting from institutional backing, while APT1 (Comment Crew) has been cited in analytical reports as potentially operating under a military framework. While these assessments remain unconfirmed, they highlight the emergence of sophisticated cyber actors operating in a gray zone between state affiliation and operational autonomy. [[14]]
Toward a Framework for Space Diplomacy
These vulnerabilities are not hypothetical; they have already been exploited in real-world scenarios. The emergence of what can be described as “space terrorism” is particularly alarming, as cybersecurity audits continue to reveal unexpected weaknesses. In April 2023, during a controlled exercise, a team of cybersecurity experts from the French aerospace corporation Thales managed to compromise the OPS-SAT satellite operated by the European Space Agency. Within a few hours, they gained access to critical functions, including satellite positioning, onboard camera systems, and GPS parameters. The intrusion required no specialized hardware, only commercially available tools, and allowed the injection of malicious code that corrupted the satellite’s telemetry data. [[15]]
The 1967 Outer Space Treaty, once a cornerstone of space governance, now appears structurally outdated in light of emerging threats and technologies. At the time of its drafting, notions such as dual-use satellites capable of optical reconnaissance, encrypted communication, or data relaying had yet to materialize. Today’s spacecraft are expected to operate with secure architectures, yet many still lack robust protocols such as end-to-end encryption or multi-factor authentication. Even the concept of “cyberactivity” was entirely absent from the legal vocabulary of the era. These gaps call into question the treaty’s ability to govern a domain now permeated by digital vulnerabilities and military entanglements.
While the treaty’s original spirit, ensuring peaceful use and prohibiting national appropriation, remains valid, contemporary realities demand sharper legal definitions. What constitutes a hostile act in space? How should international law address a satellite-based cyberattack conducted by a non-state actor? Could interference with orbital systems amount to a violation of sovereignty or even a casus belli? As outer space becomes an extension of terrestrial rivalries, the absence of binding rules on digital warfare and covert operations is no longer sustainable.
A space diplomacy framework would enable the definition of state responsibility regimes beyond Earth’s atmosphere within a multilateral and coordinated setting. It would also provide the opportunity to address concepts that, while currently undefined, are central to the reality of orbital risks. These include state-sponsored space attacks, covert acts of terrorism, and satellite piracy. Only an international regulatory framework based on clear, verifiable, and binding norms can preserve orbital stability. Space must not remain a legal grey zone in a world increasingly reliant on its space-based infrastructure. Where the law falters, war slips in.
Disclaimer:
The views and opinions expressed in the INSIGHTS publication series are those of the individual contributors and do not necessarily reflect the official policy or position of Rabdan Security & Defense Institute, its affiliated organizations, or any government entity. The content published is intended for informational purposes and reflects the personal perspectives of the authors on various security and defence-related topics.
[1]https://ict.org.il/ragonis-scholarship-space-terrorism/
[2]https://electronics360.globalspec.com/article/21770/how-nanosatellites-are-reshaping-global-connectivity
[3]https://www.un.org/en/chronicle/article/space-technology-and-implementation-2030-agenda
[4] https://hal.science/hal-03575956/
[5] https://safeairspace.net/iraq/?utm_source=chatgpt.com,https://www.zonearmee.com/des-signaux-gps-contrefaits-au-moyen-orient-font-devier-lavion-de-150-kilometres-de-sa-trajectoire/
[6]https://archive-yaleglobal.yale.edu/content/falungongs-signals-defiance-china?utm_source=chatgpt.com
[7]https://jamestown.org/program/communications-satellite-embodies-turkeys-growing-technological-sophistication/?utm_source=chatgpt.com
[8] ISRO (Indian Space Research Organisation) is India’s national space agency. It is the equivalent of NASA in the United States or CNES in France.
[9]https://www.deccanherald.com/india/isro-facility-receives-threat-letter-2266972?utm_source=chatgpt.com#google_vignette
[10]https://www.theatlantic.com/technology/archive/2018/05/rogue-satellites-launch-fcc/555482/?utm_source=chatgpt.com
[11]The Federal Communications Commission (FCC) fined Swarm Technologies $900,000 for the unauthorized launch of four nanosatellites (SpaceBEEs) despite a license denial. https://www.fcc.gov/document/fcc-reaches-900000-settlement-unauthorized-satellite-launch?utm_source=chatgpt.com
[12]https://www.viasat.com/perspectives/corporate/2022/ka-sat-network-cyber-attack-overview/?utm_source=chatgpt.com
[13]https://www.legitsecurity.com/aspm-knowledge-base/advanced-persistent-threat-examples?utm_source=chatgpt.com
[14] https://threatpost.com/charming-kitten-powershell-backdoor/178158/?utm_source=chatgpt.com
[15] https://attack.mitre.org/groups/G0007/?utm_source=chatgpt.com
[16]https://www.areion24.news/2023/10/23/la-securite-des-communications-par-satellite-une-infrastructure-critique-pour-la-transmission-de-donnees/
[12]https://www.viasat.com/perspectives/corporate/2022/ka-sat-network-cyber-attack-overview/?utm_source=chatgpt.com
[13]https://www.legitsecurity.com/aspm-knowledge-base/advanced-persistent-threat-examples?utm_source=chatgpt.com
[14] https://attack.mitre.org/groups/G0007/?utm_source=chatgpt.com
[15]https://www.areion24.news/2023/10/23/la-securite-des-communications-par-satellite-une-infrastructure-critique-pour-la-transmission-de-donnees/
