Space: The Final Frontier of Cybersecurity
By Antoine Hautin*
Translated and published from an opinion item in Les Echos on 11 September 2025 with the author’s permission.
Space has emerged as a new domain of competition and progress. As on Earth, it is imperative to ensure the security of space infrastructures against cyberattacks.
A New Geopolitical Arena
Space has become a major field of competition among global powers and plays a central role in contemporary geopolitical balances. The year 2024 marked a record, with 261 orbital launches—38 more than in 2023—of which 156 were conducted by the United States. With only three launches, Europe ranks seventh, behind Japan, India and Iran.
The Outer Space Cyber Frontier
In outer space—the “final frontier” of cybersecurity—ensuring the protection of digital systems is one of the many challenges that the expanding scale of space activities imposes on both public and private actors. From satellites to ground stations, including data links and embedded software, every element in the chain represents a potential target.
In recent years, the militarisation of space has intensified: since NATO officially recognised it in 2019 as the fifth domain of operations, around 630 military satellites are now in orbit—half of them American, and only about forty European.
The Grey Zone of Private Infrastructures
A further grey area raises unprecedented questions: the use of private space infrastructures in armed conflicts. The example of Starlink, employed by the Ukrainian military to maintain communications on the battlefield, illustrates how civilian solutions can rapidly become critical components of military operations.
Similarly, the cyberattack against the KA-SAT (Viasat) satellite, intended to prevent Ukraine from leveraging space-based assets in response to the Russian invasion, also had far-reaching repercussions across Europe—affecting thousands of customers, terminals, and essential infrastructure.
This growing porosity between civilian and military uses underscores the urgent need for regulation and for the protection of these dual-use and critical infrastructures.
A Regulatory and Strategic Vacuum
Today, the Internet relies heavily on space-based communications, while many space assets depend in turn on terrestrial networks. Although international agreements already exist to limit weapons of mass destruction in space, space cybersecurity remains an ill-defined battlefield.
Despite notable progress—through the NIS2 Directive, the Cyber Resilience Act, and the European Space Act—the legal framework remains fragmented and poorly adapted to current cyber threats. Neither the 1967 Outer Space Treaty nor subsequent international instruments provide operational responses to key issues such as liability, certification, or security standards.
This regulatory fragmentation has created a grey zone in which “out-of-norm” actors evolve with little oversight. The rapid rise of private constellations, many of them non-European, further exacerbates this strategic dependency.
Towards a European Governance of Space Cybersecurity
It is therefore urgent for public and private stakeholders to join forces to build a governance framework for space cybersecurity that matches the magnitude of the challenge.
An integrated European space cybersecurity ecosystem, encompassing engineering through to operational supervision, could rest on several pillars:
A European Space Cybersecurity Centre, bringing together the capabilities of CNES, ESA, ENISA and leading industrial actors in cybersecurity.
The establishment of an international space cybersecurity norm—a form of Digital Geneva Code—that would codify principles of non-aggression and transparency applicable to outer space.
The standardisation of certification and accreditation frameworks, to enable the effective oversight of cybersecurity in space operations.
Conclusion
If space remains a realm of conquest, it must also be one of equilibrium. Space cybersecurity can no longer be treated as a peripheral issue within industrial or defence policies. It is now a cornerstone of Europe’s strategic autonomy.
*Antoine Hautin is Secretary General of the ALMOND Group, a leading European cybersecurity company, where he oversees cross-functional strategic initiatives and leads its sovereign cyber activities. He also serves as Board Member of the Alliance for Digital Trust (ACN) and Vice-President of the Cyber Excellence Cluster (Pôle d’Excellence Cyber).
An engineer by training, Antoine has more than a decade of experience at the intersection of cybersecurity, defence, and public policy.
