Security researchers have discovered that half of all geostationary satellites in Earth's orbit carry unencrypted consumer, business, and military information, putting this data at risk of eavesdropping.
Researchers at the University of California, San Diego and the University of Maryland spent $800 on an off-the-shelf satellite receiver and held it in the sky for three years. They discovered large amounts of unencrypted data being sent to and from space, including people's private voice calls and text messages, as well as consumer internet traffic from in-flight Wi-Fi services.
Wired, which first published the researchers' findings, said the unencrypted data also included communications between critical infrastructure systems, such as energy and water suppliers, and offshore oil and gas platforms.
Over the past year, researchers have alerted affected organizations, including T-Mobile and AT&T's networks in Mexico, about the exposure and immediately began encrypting data to prevent future eavesdropping.
But researchers warn that not everyone, including some critical infrastructure providers, is remediating their own exposed data and that large amounts of satellite data will be exposed in the coming years.