Click here to watch the full discussion.
As the armed forces grow more dependent on space-based assets, cyber dangers aimed at these systems are becoming more advanced, hostile, and widespread. Leaders from the Space Force and the private sector explain that assaults on space infrastructure are no longer confined to single, isolated ground-based incidents; instead, they are turning into ongoing, multi-domain operations that target the entire space architecture—from ground stations to orbiting satellites.
“They’re striking the communication link, then they’re striking the satellites directly. In Ukraine, we’ve witnessed attacks moving from ground to space and from space to space. The threat to our satellites is escalating, and we recognize that our adversaries are applying similar tactics against us,” said Col. Brian Mihalko, Director of Cyber and Data at Space Systems Command, speaking during Federal News Network’s panel titled *Securing the Space Domain: Cyber Resilience in a Contested Environment*.
This challenge is made harder by the difficulty of merging new technologies with older systems already in orbit—systems that were built when cybersecurity was not a primary concern.
At the same time, while the fast rollout of commercial innovations and next-generation capabilities is boosting resilience in space, it is also broadening the number of potential entry points for attackers and introducing fresh vulnerabilities.
“When you begin combining different capabilities, each part may be secure on its own, but the interfaces—the ‘seams’—between them often carry legacy weaknesses,” said Chris Jones, Chief Technology Officer at Nightwing.
Jones emphasized that protecting space systems demands a full understanding of the supply chain, pinpointing every possible entry point an adversary might exploit, and ensuring all components are strengthened against both cyber threats and physical tampering.
“I believe there is still progress to be made in improving our anti-tamper and resilience measures so that every vulnerable part has been properly assessed. Going forward, we’re launching many assets into orbit rapidly, which is positive. We may need some of that speed initially, but we’ll likely end up playing catch-up later—ensuring we’re adopting the attacker’s viewpoint, scrutinizing our own systems, and hardening them as much as possible,” Jones noted.
“However, I do think today’s overall system design is far more flexible than in the past, and I believe we’re heading in a very promising direction in that regard,” he added.
Jennifer Buss, CEO of the Potomac Institute for Policy Studies, pointed out that the Space Force must also reconsider how satellites are conceived from day one. Historically, the Department of Defense specified computing needs early in development, but future satellites will need built-in spare processing power to support added capabilities throughout their operational life.
Moreover, deploying artificial intelligence directly in space—on the “edge”—will introduce a completely new range of technical and cybersecurity hurdles.
“What does that actually look like? We’re still figuring that out. How will it function? There’s a great deal to work through, and ensuring we have both the capability and the power supply to support it is an ongoing process,” Buss explained.
Mihalko shared that the Space Force is working to “shift cyber resiliency to the left”—meaning it is embedding cybersecurity requirements much earlier in the acquisition cycle.
“We are now requiring zero trust principles, secure software supply chain documentation, and hardware integrity tracking right from the earliest stages of procurement,” Mihalko stated.
The service is also increasingly asking contractors to deliver digital twins of space systems. These virtual replicas allow for cyber testing, red team simulations, and operator training before hardware is ever launched into space.
“Updating our acquisition processes will help us evolve, support our industry partners in transforming, and strengthen the defense industrial base. It makes acquisitions quicker, more focused, and ultimately, that’s what will enable us to stay ahead of threats and outmaneuver our competitors,” Mihalko said.
Defending a Distributed Space Architecture
However, the move toward distributed space architectures is undermining traditional cybersecurity methods like continuous monitoring. Retired Marine Corps Maj. Gen. Ryan Heritage explained that future cyber defense will demand greater decentralized computing power and monitoring capabilities spread across assets.
“How do you receive those instant alerts? And then, what happens next—not just monitoring, but actual response? Once a vulnerability is found, who responds and how? At the core, especially for on-orbit systems, a lot comes down to having sufficient computing power,” Heritage said.
Jones added that the sheer number of assets expected in orbit, along with the vast amount of data flowing between them, will require sophisticated analytics and computing done at the edge—right on the spacecraft.
“We need computing power to run advanced analytics so we can maintain a clear operational picture—a real-time understanding of what’s happening—so human operators can make decisions quickly, whether that means patching, upgrading, defending, or taking corrective action. The key going forward will be how effectively we can push these analytics to the edge,” Jones explained.
Mihalko described how the Space Force tackles the complexity of continuous monitoring by dividing it into “manageable, focused efforts.”
“We organize this work by mission area—such as GPS, military communications, missile warning, and space surveillance—and then by segment of the architecture. For ground systems, we can rely on more traditional continuous monitoring methods, with cyber warfare squadrons actively watching over networks. But for space vehicles and satellites, continuous monitoring is far harder due to the intermittent nature of communication—when we can contact them and download telemetry. Right now, we are extending cyber monitoring to the edge,” Mihalko explained.
Mihalko noted that the Space Force has developed a zero trust reference architecture specifically for space vehicles, which translates the Department of Defense’s zero trust framework into practical guidelines applicable to satellite systems.
“This framework enables us to push continuous monitoring out to the edge by deploying lightweight intrusion detection systems, automated policy enforcement, and closed-loop detection-and-response tools directly onto spacecraft. This allows satellites to analyze their own telemetry and security logs locally, and only send alerts and anomalies back to the ground when needed—conserving valuable bandwidth,” he added.
Copyright © 2026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
