Tartu University in Estonia. Photo: Alinozka, CC BY-SA 3.0

Estonia, a country with a population of around 1.4 million people, is on the front line of Europe’s space cyber battle and one of the most advanced nations when it comes to developing cyber capabilities to keep space assets secure.

It has already been a huge year for the space industry in Estonia. In January, this year, a consortium led by Estonian space company, Spaceit signed a multimillion-euro, multiyear contract with the European Space Agency (ESA) to develop an innovative Space Cyber Testing and Training Ground. This initiative will enable companies in the space sector to test their technology, conduct training, and enhance their cyber defense capabilities. The consortium includes Spaceit, CybExer Technologies, CGI Estonia, and the University of Tartu. Expected to open in 2026 in Tallinn, the solutions will be based at the CR14 Foundation premises.

S3 spoke to a number of people in Estonia’s space sector about the ongoing threat from Russia, developing state-of-the-art training facilities, and what is next for Estonia as the threats continue to increase.

[This feature was published exclusively for Space Security Sentinel, a new cyber newsletter from the teams at Via Satellite and CyberSat. Learn more and subscribe here]

A Training Ground

Estonia will now have its own Space Cyber Testing and Training Ground. Martin Hanson, head of marketing, Foundation CR14, told S3 this will allow Estonia, other like-minded countries, and ESA to test, evaluate, and secure its space technology well before any launch windows. However, he believes space is “no longer the final frontier,” but rather the “next battleground.”

“From satellite collisions to GNSS jamming and cyber threats, the challenges in orbit are as real as they are on the ground. As technology advances, so do the risks, and ESA is leading the charge in addressing these with cutting-edge solutions,” he says.

Spaceit, an Estonian space software company is the prime contractor for the Space Cyber Range project, leading the consortium and contributing its software to the solution. Silver Lodi, CEO of Spaceit, believes the initiative is crucial for several reasons.

He told S3, “Many sectors rely heavily on satellite services for their competitiveness and operations. As technology advances, new threats have emerged alongside traditional risks such as technical malfunctions, GNSS jamming, and satellite collisions. With human-induced threats in space becoming increasingly significant, the Space Cyber Range aims to mitigate these risks effectively,” he says. “Different countries focus on various segments of the space ecosystem, and Estonia has chosen to prioritize space cybersecurity. This initiative will not only improve cybersecurity knowledge locally but also across the entire sector, contributing to the elevation of Europe’s digital future.”

CGI Eesti (Estonia) is part of an international CGI group headquartered in Montreal, Canada and provides IT and business consulting services to clients. Sille Kraam, director of consulting for Delivery in Space and Earth Observation, CGI Eesti told S3 that she believes that Estonia can be considered as a global leader in cybersecurity, thanks to its strengths in smart software systems and success in e-government solutions — 99 percent of the country’s public services are digitalized including voting, healthcare, taxes, and business registrations. She says due to country’s high competence in the cybersecurity domain it can a build financially sustainable Space Cyber Range.

“By integrating these public services into a digital ecosystem, Estonia naturally became more focused on securing these systems from cyber threats early on. One good example of our strong expertise in cyber security is that Estonia is home to the Cooperative Cyber Defence Centre of Excellence (CCDCOE), a NATO-accredited center that focuses on research and training in cyber defense,” she says.

Kraam believes Estonia “a significant role” in shaping Europe’s response to cyber and space aggression from Russia.

“In 2007, cyberattacks attributed to Russian-backed hackers marked a pivotal moment for Estonia, as it became one of the first countries to experience large-scale cyber warfare. Therefore Estonia’s strategic location, our digital-first approach to governance, and our historical experience with Russian cyberattack have positioned us as a strong advocate and leader in the European response to these growing threats,” she says.

Kraam says Estonia has been outspoken in condemning Russian cyberattacks and other forms of hybrid warfare, for instance disinformation campaigns and influence operations. She adds, “Estonia has consistently called for a unified European response to such aggressions, stressing the need for collective defense mechanisms in both cyberspace and other domains. We have also stressed European and NATO policies to integrate cyber defense into national security strategies.”

Kraam says she sees attacks on space infrastructure, where the main objective is to disrupt or manipulate satellite operations, to disrupt data flows, steal sensitive data and damage critical infrastructure, as well as disrupt the work of vital services that rely on space technologies.

She then talks of hacking into ground control systems in order to gain control over satellite systems or intercepting satellite communication. Attacks are also taking place on satellite companies or contractors to disrupt their operations/services.

Kraam adds, “You also have signal jamming and spoofing that cause serious threats to satellite based communication and navigation systems. For example, military systems and civilian systems relying on GPS for navigation, transportation and financial systems are vulnerable to jamming. Finally, you have direct physical attacks, that mean basically weapons that are designed to destroy or incapacitate satellites.

CybExer Technologies

The test range is on the frontline of space cybersecurity. CybExer Technologies will be a key technology provider for the Space Cyber Range, playing a critical role in developing and integrating cyber training capabilities tailored for space security. By creating relevant use cases, and working with space technologies, the company aims to contribute to Estonia’s broader objective of enhancing space cybersecurity and ensuring a more secure space environment.

Aare Reintam, co-founder and COO of CybExer, pointed to the fact that in Estonia’s Space Policy and Programme 2020–2027, cybersecurity and national security are seen as top priorities for the country’s space sector. He adds, “[We were] the first nation to experience a large-scale cyberattack and we are home to the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). Establishing a dedicated Space Cyber Testing and Training Ground strengthens Estonia’s capabilities in this evolving landscape and ensures it remains at the forefront of space cybersecurity.”

Reintam says that while existing systems and frameworks are in place, there is a pressing need for greater knowledge-sharing and a structured approach to addressing space cyber threats. “The Space Cyber Training Ground will facilitate hands-on training, research, and testing, helping Estonia and its partners stay ahead of evolving threats,” he says.

The Impact of Finnair Incident

In 2024, there was a spike in GPS jamming attacks in Estonia that caused the major Finnish airline Finnair to suspend flights between Tartu and Helsinki, showing a very real-world example of satellite-based cyber attacks and disruption. Hanson said the attacks targeted a small airfield in Tartu, which mainly uses GNSS in its operations. He called it an example of deliberate, harassing behavior against a small civilian entity that poses no real military threat.

“Something like that would have been unheard of until recently. Yet we hear about it every day now in the Ukrainian war. I don’t even see the attacks as getting caught off guard; you can achieve the same result in smaller airfields all around the world. It’s just that up to recently, this was not done in an organized manner toward civilian infrastructure,” he adds. “Having Russia as a neighbor means that GNSS attacks can occur even against small civilian targets.”

Reintam adds that GPS jamming and electronic interference are growing challenges, not only for Estonia but for the entire region, including Finland and beyond. He says these attacks are highly dependent on physical location and have demonstrated the potential to disrupt aviation, drone operations, and other critical services. “While Estonia has a strong cybersecurity foundation, continuous adaptation and investment in countermeasures are necessary to stay ahead of evolving threats. GPS jamming has remained a persistent issue, impacting not just flight operations but also drone deployments. Reports indicate that Estonia has lost multiple drones to Russian GPS interference, highlighting the ongoing risks,” he says.

Lodi says that the available information suggests that the jamming itself was not particularly sophisticated. However, due to the small size of the airport, alternative landing systems were not in place, which contributed to the disruption, he says.

Lodi believes Estonia was not caught off guard because GPS jamming has been monitored and pilots were aware. “Those flights restarted only a month before the event, after a 1.5 year gap. The common impact is for planes and drones at higher altitudes, and less or negligible for devices on the ground. However, jamming has gotten more frequent due to Ukrainian drone attacks near the other side of the border and due to mitigation options being limited. This is difficult to solve with purely cyber. New hardware and a GNSS constellation in LEO may be required eventually,” he adds.

He believes since the attack on KA-SAT three years ago just before Russia’s invasion of Ukraine, there have been many distributed denial of service (DDoS) attacks targeting different space sector organizations’ IT systems including satellite communication providers, ground stations or satellite networks causing temporary service disruptions.

Kraam says the attacks from Russia have become increasingly sophisticated and Russia has advanced its tools, tactics and strategies to target different organizations and entities. “These cybersecurity related activities are often part of broader geopolitical strategies. Russian cyber operations focused on targeting critical infrastructure – energy, telecommunication, transportation network – can have remarkable impact our national security and economic stability,” she says. “How to defend us against these attacks? I think it would be combination of different actions: our technological capabilities to secure our system like fast adoption of AI and quantum, diplomatic measures and geopolitical coordination, including collaboration with NATO, coordinated responses to cyberattacks.

Hanson agrees that Russian cyber attacks have increased in sophistication. He says we are no longer talking about the DDOS attacks they relied on for years. “These days, they tend to be more varied and time-consuming. But Estonia has already introduced multiple new layers of protection — from around-the-clock monitoring of all critical systems to frequent audits and testing. I think the next steps will focus more on AI’s impact on cyber security.”

The View from Academia

Antti Tamm, is director of Tartu Observatory, University of Tartu, and a link between academia and the commercial space sector in Estonia. Tamm says because Estonia is a small nation, one of its biggest strengths is strong internal connections, with many people knowing each other personally.

Tartu Observatory develops space technology within and beyond ESA projects, drives research-based education, and supplies expertise and manpower to the growing space industry. Tamm said that in 2026, there are plans to launch one of Europe’s first dedicated courses on space cybersecurity, using the upcoming Space Cyber Testing and Training Ground as a practice platform.

Tamm believes that cybersecurity in space applications is a complex and often overlooked. “Until recently, even major space agencies and private companies have been hesitant to address it,” he says. “However, with growing awareness of the risks — alongside emerging challenges such as lunar network developments — both the public and private sectors urgently need practical tools and expertise to assess cybersecurity threats in space. This makes dedicated testing and training facilities increasingly valuable worldwide.”

Trends in Cybersecurity

With Estonia leading the charge against Russia cyber attacks against space assets, there is still much work to be done. So, what are the trends in space and cybersecurity this year? Reintam believes AI and regulatory developments will be two defining factors in space and cybersecurity in 2025. He talks of AI-driven attacks becoming more sophisticated, with adversaries using AI to automate reconnaissance, exploit vulnerabilities, and disrupt space assets. He believes this will include predictive jamming, AI-powered malware, and automated attacks on satellite communications. At the same time, he believes AI will reform defense strategies, enabling real-time threat detection, anomaly analysis, and predictive security measures but its effectiveness will depend on ensuring AI systems themselves are resilient to manipulation.

On the regulatory front, Reintam says governments and space agencies are moving toward stricter cybersecurity standards for space infrastructure. “The EU’s NIS2 and DORA regulations will influence security frameworks for satellite networks and space-based services, while the U.S. and other nations are working on policies to integrate cybersecurity into space system design from the outset. As threats grow, stronger international cooperation and enforcement of cybersecurity best practices will be essential to securing space assets.

These two forces will shape the future of space security, determining how well we can defend against an increasingly complex threat landscape,” he adds.

Hanson adds “I believe that the next couple of years will revolve around the role of AI and how its development will affect us all. This is a race that no one can afford to lose. That is also why you see huge investments and efforts from all around the world being carried out. AI has the potential to both disrupt our way of life and improve it immensely.”

Lodi believes given the rapid development of space technologies and the increasing sophistication of cyber threats, the probability of high-profile attacks on space infrastructure remains significant. “The interconnected nature of space systems and their critical role in various sectors make them attractive targets for cybercriminals and state actors alike. Continuous improvement and international collaboration are essential to address these evolving threats effectively,” he adds.

[This feature was published exclusively for Space Security Sentinel, a new cyber newsletter from the teams at Via Satellite and CyberSat. Learn more and subscribe here]