According to SpaceNews, Deloitte launched its first cyber defense satellite named Deloitte-1 in March, with plans to operate nine spacecraft over the next 18 months. The consulting giant’s “Silent Shield” system represents a fundamental shift in space security – moving defenses from ground stations directly into orbit. Meanwhile, space-related cyber incidents have surged 118% in 2025 compared to 2024, with 117 publicly reported attacks just from January through August. Bradley Pyburn, a retired Air Force major general now at Deloitte, emphasized that defenders “have to be perfect everywhere” while attackers “only have to get it right once.” The program tests 20 different threat profiles based on the SPARTA framework, actively launching cyber attacks against its own satellite to validate defenses.
Sponsored content — provided for informational and promotional purposes.
Why space cyber is different
Here’s the thing about satellite security – it’s not like protecting your laptop. The attack surface is massive and the stakes are ridiculously high. We’re talking about ground stations, uplinks, downlinks, cross-links between satellites, and the actual spacecraft themselves. And as Ryan Roberts from Deloitte pointed out, satellites are “essentially computers with solar panels on them” that often lack even basic cyber protections.
But the real problem is what military folks call the asymmetry. Defenders need to secure every single point in this complex chain perfectly. Attackers? They just need one vulnerability. One weak link. And with more companies launching constellations and more ground stations coming online, that attack surface keeps expanding. Basically, we’re building a bigger target while the bad guys are getting better aim.
The real-world threats
We’re not talking theoretical risks here. The Viasat attack during Russia’s Ukraine invasion showed exactly how this plays out. Russian hackers didn’t go after satellites directly – they targeted the ground-based modems. Ron Bushar from Google Public Sector called it a “teaching moment” because it demonstrated how adversaries can achieve strategic objectives without fancy space attacks.
Then there’s Salt Typhoon, the Chinese state-sponsored campaign that started targeting telecom providers like Verizon and AT&T, then expanded to satellite communications. And let’s not forget the ransomware threat – imagine criminal groups holding an entire satellite constellation hostage until someone pays up. Roberts from Deloitte put it bluntly: “How lucrative that could be for a criminal.”
Are current defenses enough?
The Pentagon has its Cybersecurity Risk Management Construct (CRMC), which replaced the older Risk Management Framework. But industry executives are saying what everyone’s thinking – compliance checkboxes don’t stop determined attackers. Timothy Zentz from Nightwing put it perfectly: Requirements like CRMC are “a necessary thing… but our belief is that it’s incomplete.”
Pyburn’s comment hits even harder: “You can build a perfectly RMF-approved, CRMC-approved, defensible system, and then the adversary gets a vote.” That’s why Deloitte designed Silent Shield as an out-of-band system – meaning if the cyber defense payload itself gets compromised, it can’t be used to attack the satellite. It’s a one-way street for data collection.
What comes next
Zentz expects that “the threats are probably advancing more rapidly than the solutions.” That’s a sobering thought when you consider how much of our daily lives – from GPS to weather forecasting to financial transactions – depend on space infrastructure. Deloitte’s pushing for every new satellite to have basic cyber protection built in, not bolted on later.
The real question is whether the space industry can move fast enough. We’re seeing consulting firms launching satellites, private equity spinning off cybersecurity companies, and military leaders calling cyber the “soft underbelly” of space operations. But can we secure the final frontier before the hackers claim it as their own? The race is on, and Deloitte just put nine more players on the field.
