Security researchers have found that up to half of all geostationary satellites are transmitting sensitive consumer, corporate, and even military data without encryption—leaving the information exposed to anyone with a basic satellite receiver.
The team from UC San Diego and the University of Maryland spent three years using an $800 off-the-shelf satellite receiver to intercept transmissions. They discovered large volumes of unencrypted voice calls, text messages, in-flight Wi-Fi traffic, and critical infrastructure communications between utilities and offshore oil platforms.
The findings, first reported by Wired, prompted some companies, including T-Mobile and AT&T Mexico, to begin encrypting their satellite data. But the researchers warned that many critical infrastructure providers have yet to act, meaning vast amounts of data will remain exposed for years.
