Via Satellite/Freepik illustration

As the Pentagon increasingly depends on commercial space capabilities for sensing, transport, and resilience, a new frontier is emerging. A frontier where commercial satellites don’t just inform the battlefield but enable its most critical operations. This includes scenarios where commercial space assets help close kill webs, provide primary, contingency, alternative, and emergency (PACE) communications and sensing, and increasingly feed AI models in real-time.

But while proliferated Low-Earth Orbit (LEO) may secure the orbits through resiliency, the cyber terrain above and below them is a glaring weak point waiting to be exploited. In short, we are outsourcing the eyes and ears of modern warfare to satellites and networks that were not built with bullets, bombs, or nation-state adversaries in mind.

[This column was published exclusively for Space Security Sentinel, a new cyber newsletter from the teams at Via Satellite and CyberSat. Learn more and subscribe here]

From Commercial Enabler to Operational Actor

Programs like Golden Dome, the U.S. Space Force’s concept for layered missile warning, tracking, and defense, increasingly leverage commercial sensors to expand global reach and survivability. Meanwhile, satellite constellations such as Starlink, OneWeb, and others provide critical bandwidth for distributed operations at the tactical edge.

But these systems, optimized for commercial uptime, often lag in cyber posture. They are designed to be reactive, not proactive, in the face of evolving threat vectors. Starlink, for example, demonstrated incredible resilience in Ukraine, but only after facing direct electronic warfare, cyber-attacks, and Russian targeting of ground-based infrastructure. Starlink’s adjusting rapidly on the fly demonstrated an agility that impressed the Pentagon, but exposed vulnerabilities.

Now imagine those same commercial systems being used not just for broadband support, but for targeting data, mission planning, or secure communications in a hypersonic kill chain. If the data is compromised through manipulation, latency, or model poisoning, the kinetic effects could be delayed, misdirected, or disabled entirely.

The AI-Cyber Nexus: Data Integrity at Risk

Defense AI systems increasingly ingest commercial space data to train models for object detection, change analysis, and threat prediction. But these pipelines introduce a novel risk: if adversaries tamper with the data used to train or infer from those models, they can corrupt the AI’s output without ever touching the model itself.

This technique, known as data poisoning, is rapidly becoming a new front in information warfare. In the context of commercial satellites, where defense access is often through APIs, cloud services, or bulk imagery feeds, adversaries can inject misleading or adversarial examples upstream, confusing object classification, falsifying change detection, or introducing confidence-reducing anomalies.

In war, speed and certainty matter. Poisoned data erodes both.

Cyber Is Now a Kill Chain Element

Traditionally, cyber defense focused on protecting endpoints or networks. But when commercial satellites become essential elements in a warfighting kill chain, whether for sensor fusion, backup comms, or automated AI decision loops, cybersecurity becomes part of the kinetic equation. This shift then demands a fundamental rethink of roles and responsibilities:

• Who verifies the data’s provenance?
• Who has authority to shut down a compromised commercial feed?
• What service level agreements (SLAs) exist for incident response during a near-peer conflict?

These questions have no easy answers. But without them, we risk treating space as a utility when it’s already an active domain of competition and conflict.

Less expensive, accessible commercial space capabilities are here today. They are field-ready. The challenge is to use them smartly, understanding and quantifying risk, so decision makers can decide when speed, resilience, or stealth matter most. AI can help weigh these tradeoffs in real-time: for missile warning to tactical forces, I might choose the fastest communications route; for a sensitive Special Forces mission, I instead may prioritize the lowest probability of intercept/lowest probability of detection (LPI/LPD). To get there, we need immediate steps:

Zero Trust by Default: Treat every commercial feed as untrusted until proven otherwise. AI-enabled tagging, validation, and traceable ingest pipelines need to be standard, not optional.

Cyber in the Contract: Every agreement with a commercial satellite provider should lock in cybersecurity standards, red-team testing, and incident reporting – no exceptions.

Train for the Fight: Rehearse with industry in joint wargames where commercial satellites are jammed, spoofed, or hacked. They need to understand their assets will be targeted in conflict.

AI for Assurance: Build explainable AI pipelines that track data provenance from space to shooter, giving commanders confidence under fire.

Long-Term Needs: From Encryption to Resilience

Winning the next fight means closing structural gaps now, not after the first shot is fired. Strategic investments need to harden commercial space systems to survive under wartime conditions:

Post-Quantum Cryptography (PQC): Adversaries like China are advancing quantum capabilities fast. Current encryption protecting satellite-ground links and cloud APIs will not hold forever, and the “harvest now, decrypt later” threat is already real. The mandate is not an overnight migration, but immediate planning is a must: build hybrid crypto schemes, require PQC readiness in new systems, and retrofit legacy assets whenever possible.

Mission Partitioning: Commercial constellations that carry defense traffic should not expose it to the same risks as civilian payloads. Space-based virtual networks, software-defined payloads, and network slicing can allow defense-critical missions to be isolated and prioritized in a fight.

Secure-by-Design Platforms: Satellites are now contested infrastructure. Industry needs to adopt secure development lifecycles, supply chain risk management, and embedded threat monitoring from design through deployment. “Secure enough for peacetime” is no longer acceptable. Platforms must be built for war.

Ultimately, cyber resilience isn’t just a technical goal. It’s a deterrent. The more confidence adversaries have in their ability to infiltrate, degrade, or manipulate commercial satellite data, models, and communications, the more likely they are to try. Conversely, a visibly hardened, cyber-assured commercial ecosystem becomes a cost-imposing, attack-deterring capability in its own right.

The U.S. and its allies must act now. Because in future wars, the kill chain may be triggered by AI, routed through a commercial satellite, and closed in milliseconds. There will be no time to patch, scan, or debug. Only those who planned for this convergence of space, cyber, and AI will prevail.

Dr. Lisa Costa is CEO of Costa Advisory Group and was the first Chief Technology and Innovation Officer of the U.S. Space Force. She previously held executive positions at U.S. Special Operations Command, PlanetRisk, and MITRE. A recognized leader in emerging technology and national security, she advises venture-backed companies, Fortune 500s, and the U.S. government on space, cyber, and AI convergence.