In a recent article with award-winning cyberdefence firm Snode Technologies, we outlined how counterspace threats are demanding alternatives to traditional, Earth-based defence strategies. The conclusion was clear: in orbit, agility is the only winning strategy – but recognising the threat is only the first step. The harder question is this: how do we defend systems that we can’t easily reach, patch or replace?

Satellites are not like servers in a data centre. Once launched, they may operate for a decade or more with little opportunity for upgrades. Many rely on third-party components with opaque supply chains, with some containing legacy code that no one fully owns or understands. And yet, these satellites remain critical to daily life on Earth. They enable everything from navigation to agriculture to defence.

Adversaries understand this dependency. Researchers at ETH Zurich have tracked over 120 cases of satellite cyber interference since 2022, ranging from denial-of-service outages to suspected data manipulation. In parallel, electronic attacks such as GPS spoofing have caused navigation blackouts for aircraft and ships. These incidents highlight that space systems are vulnerable not only because of their complexity, but also because their resilience depends on fragile ecosystems with many interlocking parts.

Nithen Naidoo, CEO of Snode Technologies, sees a different path forward. “The future isn’t as bleak as it may seem. Innovation is already underway. We’re seeing prototypes of machine learning tools that can spot unusual spacecraft behaviour in real time, outperforming older methods and keeping missions on track. The real question is whether we can deploy them quickly enough to stay ahead of the threats in orbit?”

The satellite supply-chain problem

Satellites are built from hundreds of interdependent parts sourced from a multitude of suppliers. Once launched, they cannot be recalled for upgrades or repairs; flaws or backdoors become part of the system for their entire lifespan. This makes the supply chain one of the weakest links in space security. An unverified microchip, a compromised software library or an overlooked configuration error can become an entry point for adversaries years after launch. Compounding the risk, satellites frequently outlive their original design life. It is not unusual for missions planned for seven years to stretch to 15. As they age, their security assumptions grow outdated, widening the gap between emerging threats and embedded defences.

When cybersecurity assumptions don’t survive launch

The supply chain challenge underscores that the logic of terrestrial defence does not easily apply to the nuances of the space industry. On Earth, distance is negligible, patches can be deployed overnight and servers can be replaced. In orbit, none of these safeguards apply.

A command that executes in milliseconds on a terrestrial network can take minutes when relayed through deep-space links, complicating real-time response. Additionally, satellites are built under strict size, weight and power (SWaP) constraints, leaving little spare capacity for continuous monitoring or defensive redundancy. Additionally, when disruption does occur, it rarely stays contained.

“In space, there is no such thing as an isolated fault,” explained Naidoo. “A disruption in orbit cascades outward, touching aviation, finance and critical services on Earth. The playbooks that protect networks on Earth don’t apply here; defending space means grappling with interference, fragile supply chains and the unforgiving physics of space.”

How satellites can learn to defend themselves

This is where innovation becomes critical. Advances in anomaly detection using AI and machine learning mean that, instead of waiting for human analysts, lightweight onboard systems can learn what “normal” looks like and flag deviations in real time.

Consider, for example, automated micro-patching. Instead of relying on bulky updates, satellites could apply small, targeted code changes that address vulnerabilities without requiring a full reboot. This approach minimises disruption while extending mission life.

Another avenue is embedded AI agents that operate like a biological immune system. They detect and respond to threats on the satellite itself, even when disconnected from ground control. Prototypes of autonomous monitoring systems are already in prototype form, and advances in edge computing make it increasingly feasible to deploy them in space.

Why South Africa belongs in the space race

While space security is often framed as the domain of superpowers, nations like South Africa, for example, already manufacture aerospace components, develop secure software and maintain deep expertise in operational technology through industries like mining and energy. These capabilities translate directly into space-grade engineering.

“When you look at what keeps satellites functioning, the components, code and control systems, these are exactly the areas where South Africa already excels,” said Naidoo.

Cost efficiency is also an advantage. For many global aerospace firms, sourcing secure, pre-integrated components from partners in emerging markets can be more economical than developing in-house. This positions countries like South Africa not only as users of space infrastructure, but as contributors to its resilience.

Building cyber counterspace resilience in the fluid now

The convergence of kinetic, non-kinetic, electronic and cyberthreats creates an environment where attacks can shift domains rapidly, leaving defenders struggling to keep pace. Meeting this challenge requires anticipating threats, simulating scenarios and adapting in real time. That means embedding supply chain assurance, AI-driven monitoring and cross-domain analysis into the heart of space operations.

Constant rehearsal and red-teaming are equally important. Systems must be stress-tested against unpredictable scenarios before they unfold in reality. Satellites may orbit hundreds of kilometres above Earth, but their failures are felt instantly. Protecting them demands a mindset shift to treating space as a critical infrastructure layer of modern life.

About Snode Technologies
Founded in 2016, Snode Technologies is a cybersecurity company specialising in AI- and machine learning-powered technology, combined with specialist-led managed services. The company helps organisations detect, prioritise and respond to cyberthreats in real time. Snode partners closely with clients across sectors to elevate their cyber maturity, reduce operational risk and strengthen decision-making through actionable intelligence. Headquartered in South Africa, Snode continues to expand its global presence while staying true to its core mission: enabling collective, proactive defence through technology and trust.